Pro-Russian KillNet targets thousands with ties to NATO
The pro-Russian hacktivist group KillNet has leaked stolen data allegedly belonging to thousands of individuals with ties to NATO.
The group began posting the trove of “Top Secret” documents on its encrypted Telegram account around 830 a.m. ET Thursday.
KillNet has apparently created a new dedicated channel filled with a sample of the leaked documents simply titled “F**K NATO.“
“Drains of NATO private accesses of different levels of secrecy, private documents, interesting military manuals for your beautiful eyes from WE ARE KILLNET!,” its first post translates from Russian.
The leaks happen to coincide with a visit Thursday to the Ukrainian capital, Kyiv, by NATO Secretary General Jens Stoltenberg.
NATO, short for the The North Atlantic Treaty Organization is a defensive military alliance between the US, Canada and 29 European member states.
The politically motivated hackers also noted they will be adding new information daily.
According to the threat intelligence platform FalconFeedsio, the stolen data references roughly 4639 individuals with links to NATO.
Cybernews was able to view the leaked samples, which included a CSV file containing the personal information of the individual victims in alphabetical order.
The database shows the victims full name, phone number, and email address along with the name of a city and identifying country.
Many of the domain names of the email addresses are linked to defense organizations from the US, UK, Australia and more, as noted by FalconFeedsio, who tweeted the news Thursday afternoon.
Another of Thursday's leak alleges “Documents, presentations, descriptions of events and reports of a different nature "on the subject of Ukraine," the group posted.
KillNet claimed, “you will find the rest of 100.000+ documents and every hat on the NATO LAWFAS portal itself.”
An additional sample claims the online NATO military school JADL, including login information and “100” passwords.
According to the JADL home page, a “NATO-Military, Governmental or NATO official email is required” to even register for the e-learning site.
The channel’s first post also shows a collage of notes and images of various articles and documents depicting what appears to be KillNet’s version of NATO history from a Russian perspective.
KillNet is a hacktivist group known to outwardly support the Kremlin's social and political agenda, especially when it comes to the war in Ukraine.
In February, the gang attacked over a dozen hospitals and healthcare organizations in the US after President Biden’s promised to provide Abrams military tanks to the war-torn nation.
Weeks later, KillNet targeted the German automotive and arms manufacture Rheinmetall after rumors the company was planning on setting up a tank factory in Ukraine.
The group is extremely vocal on their channels about their chosen attacks and uses the attention as an ongoing recruitment tool.
The group’s hacking method of choice is the Distributed Denial of Service (DDoS) attack, which floods the victims network, IP address or applications with requests, essentially causing its servers to crash and go offline.
Wednesday, the gang also singled out Europe’s air traffic control safety organization, EuroControl, for being associated with NATO.
“This organization seems to be harmless, but unfortunately it is part of the nato.int organization,” KillNet posted.
“⚡️So today we will bring great inconvenience to all European airlines!,” the group said, possibly implying an upcoming attack.
On April 13, a KillNet “Hacked” post claimed leaked documents from the alliance’s Communications and Information Agency, NATO NCS.
NATO affiliated organizations and members states have been subjected to numerous cyber attacks by Kremlin supporters since the Russian invasion of Ukraine began last spring.
