Aeroflot hacked - Russia's biggest airline forced to ground flights following attack

News
By published

Two groups claim responsibility for Aeroflot attack

airplane
(Image credit: Shutterstock)
  • Russian airline Aeroflot confirms suffering an IT incident
  • More than 40 flights were allegedly grounded following attack
  • Silent Crow and Cyberpartisans both claimed responsibility

Aeroflot, Russia’s largest airline, has suffered a cyberattack which disrupted its operations and grounded dozens of flights.

The news was confirmed by the airline, as well as by the Kremlin itself - and also by two cybercriminal groups who claimed responsibility for the attack - Silent Crow, and Cyberpartisans.

The former is a Ukrainian group, while the latter - Belarusian.

"War on all fronts"

In a Telegram group, Silent Crow apparently said its “prolonged and large-scale operation” - “completely destroyed” the airline’s IT system. As a result, more than 40 flights were canceled, the BBC reported, mostly domestic flights inside Russia, but also a few routes to Belarus and Armenia.

Cyberpartisans also confirmed taking part in the hack, noting, "We are helping Ukrainians in their fight with the occupier, carrying out a cyber strike on Aeroflot and paralysing the largest airline in Russia."

Reliable information from Russia is hard to come by, but some media are reporting that the airline confirmed having issues with its information system.

"We must not forget that the war against our country is being waged on all fronts, including the digital one,” the BBC cited Anton Gorelkin, a Russian MP.

Since the war between Russia and Ukraine started in 2022, cybercriminals, hacktivists, and state-sponsored hacking groups have been active more than usual, trading blows across the internet, disrupting critical infrastructure organizations, spying on military, defense, government, and IT organizations, and stealing sensitive data.

Conti, which was a major ransomware operator at the time, publicly sided with Russia, stating they would retaliate against any attacks on Russia in cyberspace. This angered its affiliates, many of which were Ukrainian. Soon after, an unidentified hacker leaked Conti’s chat logs which, although indirectly, resulted in the group’s disbanding.

In June 2024, one person was arrested in Ukraine, under suspicion that they developed encryptors for Conti.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.