Killnet threatens imminent SWIFT, world banking attacks
The pro-Russian hacktivist collective known as Killnet claims to be working in concert with a resurgent form of the notorious ReVIL ransomware gang. The goal? To mount an attack on the Western financial system.
The group is warning that attacks are imminent, as in the next day or so; but it’s unclear whether the threats amount to anything more than bluster and saber-rattling, particularly given Killnet’s past track record of, at most, carrying out mildly disruptive distributed denial of service (DDoS) attacks.
Even so, in a video posted on a Russian Telegram channel on June 16, Killnet made ominous threats against the SWIFT banking system (famously targeted by Lazarus in 2018); the Wise international wire transfer system; the SEPA intra-Europe payments service; central banks in Europe and the US (i.e., the Federal Reserve); and other institutions.
“The post claims that threat actors from Killnet, REvil, and Anonymous Sudan will unite for the campaign,” according to ZeroFox researchers, writing in a flash alert on the threat. “Killnet indicates that the attack is motivated by the US providing weapons to aid Ukraine, stating: ‘repel the maniacs according to the formula, no money — no weapons — no Kiev regime.'”
Killnet’s New Besties: Real or Imaginary?
When it comes to the claimed partnerships, Anonymous Sudan is an emergent DDoS player that targeted entities in France, Germany, the Netherlands, and Sweden earlier this year, ostensibly in retaliation for perceived anti-Islamic activity in each of these countries. However, despite this religious persona, Trustwave researchers in the past have tied Anonymous Sudan to Killnet, noting it could simply be a masked subsidiary.
As for ReVIL, which imploded in 2022 after a Russian takedown, evidence of a re-emergence is one day old: On June 15, a Telegram channel called, fittingly, “REvil,” was created. It was used to circulate a shout-out (“Hello Killnet”) that went on to be heavily re-posted in a Killnet-affiliated Telegram channel, according to ZeroFox.
To read the complete article, visit Dark Reading.