Ukrainian hacktivist operation IT Army has taken credit for a significant cyberattack against Russian state-owned railway firm RZD, which resulted in the disruption of its website and mobile app for at least six hours, according to The Record, a news site by cybersecurity firm Recorded Future.
RZD has already restored operations, although certain online services remain unavailable amid ongoing attacks. IT Army said in a message on its Telegram channel that it did not intend to permanently dismantle the Russian railway's website.
"It requires significant effort to prepare an attack on such a target. Even if the website is down only for an hour, it would still have a significant impact on the economy of the aggressor country," said IT Army.
The attack comes after RZD had its website and mobile app taken offline by distributed denial-of-service attacks in the early days of the war between Russia and Ukraine.