Aeroflot, other airlines’ flights delayed over DDoS attack

Aeroflot and several other Russian airlines were forced to delay flights after pro-Ukrainian attackers flooded Russia’s airline ticket reservation system.

Several of Russia’s airline carriers, such as Aeroflot, Pobeda, Azur Air, and Rossiya, reported experiencing difficulties performing passenger check-in after a distributed denial-of-service (DDoS) attack.

“Attention to passengers flying on Aeroflot Group airlines. Due to a global failure in the Leonardo reservation system, check-in at airports in the company’s route network is difficult,” Aeroflot said on its official Telegram channel.

Leonardo is Russia’s domestic airline reservation system, developed by Sirena-Travel, a company controlled by Russia’s state-owned tech conglomerate, Rostec.

While the system was developed in 2014, airlines started using it only in 2022, after international software companies left Russia amidst Moscow launching a full-scale war against Ukraine.

Rostec explained to Russian business media that the disruption was caused by a “massive DDoS attack from abroad.” As a result, passengers were asked to arrive at the airports early, as check-in had to be done manually.

“At the moment, measures are being taken to restore normal operation of the system as quickly as possible. Check-in at airports occurs manually. Please arrive at the airport in advance,” Pobeda announced on Telegram.

While the exact culprits of the attack are unknown, the IT Army of Ukraine, a pro-Ukrainian cyberwarfare collective, seemingly took credit for the attack.

“While you’re sipping your artisanal latte, our “noble” neighbors to the north are stuck in queues, trying to book flights,” Ukraine’s IT Army said on its Telegram. “Well done, IT Army!”

The attack lasted only a few hours as Aeroflot and other impacted airlines simultaneously shared identical messages saying that “the functionality of the Leonardo booking system has been restored.” However, at the time of publishing, Aeroflot’s website was inaccessible.

More from Cybernews:

Misconfigured WBSC server leaks thousands of passports

DarkBeam leaks billions of email and password combinations

Raspberry Pi 5 brings extra kick, creeps in price and power usage

Victory, for now: AI will not replace Hollywood writers

eBay sold illegal devices, products containing restricted chemicals, says lawsuit

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked