Killnet Threatens Imminent SWIFT, World Banking Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security


Killnet Threatens Imminent SWIFT, World Banking Attacks


The DDoS collective claims to be teaming up with ReVIL and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.



The pro-Russian hacktivist collective known as Killnet claims to be working in concert with a resurgent form of the notorious ReVIL ransomware gang. The goal? To mount an attack on the Western financial system.
The group is warning that attacks are imminent, as in the next day or so; but its unclear whether the threats amount to anything more than bluster and saber-rattling, particularly given Killnets past track record of, at most, carrying out
mildly disruptive distributed denial of service (DDoS) attacks
.
Even so, in a video posted on a Russian Telegram channel on June 16, Killnet made ominous threats against the
SWIFT banking system
(famously targeted by Lazarus in 2018); the Wise international wire transfer system; the SEPA intra-Europe payments service; central banks in Europe and the US (i.e., the Federal Reserve); and other institutions.
The post claims that threat actors from Killnet, REvil, and Anonymous Sudan will unite for the campaign, according to ZeroFox researchers, writing in a flash alert on the threat. Killnet indicates that the attack is motivated by the
US providing weapons to aid Ukraine
, stating: repel the maniacs according to the formula, no money — no weapons — no Kiev regime.
When it comes to the claimed partnerships, Anonymous Sudan is an emergent DDoS player that targeted entities in France, Germany, the Netherlands, and Sweden earlier this year, ostensibly in retaliation for perceived anti-Islamic activity in each of these countries. However, despite this religious persona, Trustwave researchers in the past have tied
Anonymous Sudan to Killnet
, noting it could simply be a masked subsidiary.
As for ReVIL, which imploded in 2022 after a
Russian takedown
, evidence of a re-emergence is one day old: On June 15, a Telegram channel called, fittingly, REvil, was created. It was used to circulate a shout-out (Hello Killnet) that went on to be heavily re-posted in a Killnet-affiliated Telegram channel, according to ZeroFox.
This is the only post in channel to date and no additional evidence substantiating the partnership has been observed, the researchers noted.
A previous whiff of
ReVILs resurrection came more than a year ago
, when rumors surfaced that some members were regrouping — but nothing more came of it.
Killnet could be fabricating the ReVIL partnership to lend some heft and gravitas to its threats against some tough targets. While Killnet has successfully gone after big game before,
such as the White House and SpaceX satellite comms in Ukraine
, these had limited impact, causing short service outages and disrupting access to information, ZeroFox researchers said. A ReVIL partnership thats more than a flight of fancy would allow them greater access to vulnerability exploitation, network intrusion, and data exfiltration.
Absent that, the [threatened attacks], if legitimate, are unlikely to result in mass or prolonged outages to Western banking infrastructure, despite the newly claimed relationships with REvil and Anonymous Sudan, they added.
Even so, the publicity push around a supposedly imminent financial catastrophe could be simply an effort to harry Western governments and financial institutions, ZeroFox concluded — or, given
Killnets penchant for shenanigans,
just an attempt to garner attention and notoriety.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Killnet Threatens Imminent SWIFT, World Banking Attacks