The Russian internet provider Nodex reported that its network was destroyed in a cyberattack that it suspects originated from Ukraine. The company stated on the Russian social media platform VKontakte that the planned attack ruined its infrastructure overnight. Nodex is working to restore systems from backups but could not provide a timeline for when operations would fully resume.
“Our priority is to restore telephony and the call center first,” the company stated. On Wednesday, Nodex announced that it had restored its DHCP server, which assigns IP addresses and network settings to devices. “Many people should now have internet access.
Please restart your routers,” the company advised. The internet monitoring service NetBlocks shows that Nodex’s connectivity collapsed at midnight on Tuesday, affecting both fixed-line and mobile services. The Nodex website remains inaccessible, and customers have been complaining about the disrupted services on the company’s official social media page.
nodex working to restore services
The Ukrainian Cyber Alliance, a hacker group, took responsibility for the attack on Monday. The group stated that the company was “completely looted and wiped, and its data exfiltrated.” “The empty equipment without backups was left to them,” the hackers added.
On their Telegram channel, the group shared screenshots of hacked systems and data they allegedly stole. The Ukrainian Cyber Alliance is a community of pro-Ukraine cyber activists formed in 2016. The group has targeted Russian entities since Russia invaded Ukraine nearly three years ago.
Last October, the group claimed responsibility for knocking out parking enforcement in the Russian city of Tver. The year before, the hackers alleged to have breached Russia’s national card payment system and obtained user data. The attack on Nodex is one in a series of recent cyber incidents against Russia claimed by Ukrainian groups.
Earlier in January, cyber specialists from Ukraine’s military intelligence (HUR) claimed they attacked the Russian railway system operator, destroying its servers, disabling workstations, and wiping backups. In December, HUR claimed responsibility for the attack on a major financial institution in Russia, reportedly causing widespread disruptions and leaving “hundreds of thousands of Russians unable to complete money transfers or online payments.” The targeted companies did not publicly acknowledge the attacks.
