December 2, 2023

A gaggle of pro-Ukrainian hackers claims to have breached Russia’s nationwide card fee system this week and obtained its person knowledge.

Activists from the DumpForums group and the Ukrainian Cyber Alliance stated they defaced an internet site of the government-run Nationwide Fee Card System (NSPK) and reportedly gained entry to the interior techniques of the buyer fee community Mir (“world” in Russian). Mir, a homegrown various to manufacturers like Visa and Mastercard, is operated by the NSPK.

NSPK confirmed to Russian media that its web site was certainly hacked. The intruders defaced the homepage, leaving a message that claims that this “new” model of NSPK’s web site was created in alternate for its customers’ private knowledge.

The company denied, nonetheless, that any knowledge was leaked. In a remark to the Russian information company Tass, an NSPK spokesperson stated that the web site is developed and maintained by a “third-party contractor,” and as such, it doesn’t retailer any confidential data and isn’t linked to the fee infrastructure.

“It’s inconceivable to entry any techniques via the web site. The corporate’s servers and knowledge facilities do not need web entry,” NSPK’s spokesperson stated.

The company did not touch upon the hackers’ declare that additionally they gained entry to Mir’s inner techniques however acknowledged that the assaults had no influence on monetary transactions and funds.

On the time of publication, the company hadn’t responded to a request for remark. Its web site was nonetheless down as of mid-morning Tuesday, Jap U.S. time.

In response to NSPK’s remark, DumpForums printed a screenshot of a folder that allegedly incorporates 30 gigabytes of Mir knowledge.

Mir was launched in 2014 following Russia’s first invasion of Ukraine and the annexation of the Crimean peninsula as a method to beat potential disruptions in digital funds as a consequence of sanctions imposed on a number of Russian banks.

The system will not be in style outdoors of Russia because of the concern of Western sanctions. Lower than a dozen Russia-friendly nations settle for Mir fee playing cards, together with Belarus, Venezuela and Cuba.

The share of Mir funds in Russia elevated following the Kremlin’s full-scale invasion of Ukraine and the departure of worldwide fee providers from Russia, and it now accounts for almost 50%.

Assaults on Russian banks

Monetary establishments in Russia are in style targets for Ukrainian hackers as they purpose to disrupt the nation’s financial system and make it tougher for the Kremlin to finance its conflict efforts in Ukraine.

In early October, Ukrainian hackers [collaborated]( with the nation’s safety providers, the SBU, to breach Russia’s largest personal financial institution, Alfa-Financial institution, and acquire knowledge from thousands and thousands of its prospects.

A professional-Ukrainian group additionally claimed accountability for a cyberattack on Russia’s MTS Financial institution and Russia’s largest state-owned financial institution, Sberbank.

In November of final yr, Ukrainian cyber activists claimed to have breached the Central Financial institution of Russia, stealing 1000’s of inner paperwork detailing the financial institution’s operations, safety insurance policies, and the non-public knowledge of a few of its present and former workers.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Be taught extra.

No earlier article

No new articles

Daryna Antoniuk

Daryna Antoniuk
is a contract reporter for Recorded Future Information based mostly in Ukraine. She writes about cybersecurity startups, cyberattacks in Jap Europe and the state of the cyberwar between Ukraine and Russia. She beforehand was a tech reporter for Forbes Ukraine. Her work has additionally been printed at Sifted, The Kyiv Impartial and The Kyiv Publish.