“Russian Killnet is behind the attack” according to the security expert

Russian Killnet is behind the attack according to the security

Published: Less than 10 min ago

full screen Cyber ​​security expert Marcus Murray. Photo: Ali Lorestani/TT

Several authorities have been hit by an IT attack – but despite the hacker group’s name, it is not Sudan that is behind it.

It is the Russian hacker group Killnet, says cyber security expert Marcus Murray.

– That is our assessment based on the intelligence work we have done, he says.

Several Swedish authorities and websites are exposed to so-called overload attacks on Sunday, states the cyber security company Truesec.

Hacker group Anonymous Sudan has claimed responsibility for the attacks and warned that they would be carried out shortly before 10am on Sunday.

In their Telegram channel, the group writes that they have attacked Swedish infrastructure as a response to the Koran burnings.

The Russian hacker group Killnet is also mentioned in a video.

“The attacks will continue until Tuesday, violently,” writes the hacker group in the channel.

The authority for social protection and preparedness, MSB, says that they have been “informed about the threats before”. Among the affected are also authorities and companies such as Tele2, Vattenfall, the Swedish Energy Agency, Kivra and Saab.

Just before 12 o’clock, several websites are up and running again.

“About Russian hacker group”

Truesec has been tracking the Anonymous Sudan hacker group since the attacks began in January. Cybersecurity expert Marcus Murray says Anonymous Sudan is most likely the Russian hacker group Killnet operating under a false flag.

– We see that the Russian Killnet is behind it all, that is our assessment based on the intelligence work we have done, says Marcus Murray and continues:

– Several authorities on the published list are affected. But far from all have been attacked. It becomes clear who has well-functioning protection.

Restricts use

Overload attacks, so-called DDOS attacks, were previously also used against SAS and are common among Russian hacker groups. It aims to limit the use of the system through overloading.

– It is the websites and web services that are exposed. But it doesn’t affect the businesses in general any more than the websites being down, he says.

Killnet is already known through several DDOS attacks against various targets in Europe. The hacker group claims to be behind a series of cyber attacks in connection with the war in Ukraine.

afbl-general-01