Ukrainian BlackJack APT Attack on Moscow OT Infrastructure (Fuxnet)
Apr 16, 2024 | Radiflow team
The hacker group BlackJack, possibly affiliated with Ukrainian intelligence, launched a highly coordinated cyberattack on April 9th against Moscow's “Moscollector” industrial sensor and monitoring infrastructure in Russia. This infrastructure is vital for managing the safety and security of Moscow’s municipal services, including gas, water, and fire alarms.
The attackers deployed Fuxnet malware and, according to their claims, disrupted 87,000 sensors and control systems across various facilities, while deliberately avoiding civilian infrastructure. The attack also resulted in the physical destruction of about 1,700 sensors and routers. Beyond damaging physical equipment, the attackers wiped 30 TB of critical data from servers, including backup drives and most workstations. They also leaked sensitive data from the Network Operation Center (NOC) and defaced Moscollector’s website and Facebook account.
The Radiflow Research Team analyzed the attack based on the data the hackers published on the website ruexfil.com.