January 10, 2024 at 02:49PM
The pro-Ukraine hacktivist group ‘Blackjack’ claimed a cyberattack on Russian ISP M9com in retaliation for an attack on Ukraine’s Kyivstar mobile operator. The attack disrupted M9com’s services and exposed confidential data. Blackjack promised more attacks as retaliation for the Kyivstar hack. The group is reportedly linked to the Security Service of Ukraine.
The meeting notes reveal that a pro-Ukraine hacktivist group named ‘Blackjack’ has claimed responsibility for a cyberattack against Russian internet services provider M9com. The attack is said to be a direct response to a previous attack that disrupted Ukraine’s largest telecommunications service provider, Kyivstar, which was later revealed to be the work of Russian hackers.
The Security Service of Ukraine (SSU) discovered that Russian hackers initially breached Kyivstar in May of last year and subsequently carried out a coordinated attack in December, resulting in the wiping of thousands of virtual servers and computers.
The Blackjack group announced their breach of M9com on Telegram and shared a link to three ZIP archives containing images, text files with account credentials, and 50GB of call data allegedly taken from M9com’s systems.
The leaked information includes full names, usernames, email addresses, passwords, and other confidential details. BleepingComputer reached out to M9com for comment on the leaked information but did not receive a response.
In addition to disrupting M9com’s internet services, Blackjack also defaced the company’s official website. The group has declared that this attack is just the beginning of a series of planned retaliatory actions following the Kyivstar hack.
Unlike typical pro-Russian hacktivist attacks, the Blackjack group’s actions have a greater impact as recovery from wiped servers is more challenging, especially if backups have also been destroyed. According to Ukrinform, the Blackjack group, said to be “likely related to the SBU” (the Security Service of Ukraine), deleted around 20 terabytes of data during the attack.