Ukrainian hackers left Moscow’s sewage system without 87,000 sensors


Hacker group Blackjack, affiliated with Ukrainian intelligence services, claims to have shut down Moscow’s sewage network systems.

After a massive cyberattack on Moskollector, a company operating a communications system for the sewage network in Moscow, access to all 87,000 sensors and controls has been disabled, including airports, subways, and gas pipelines, the hackers claim.

This prevents the utility company from responding to accidents and emergency events.

The other damages include the deletion of all servers, mail, 30TB of data including backup drives and most workstations, factory reset of all routers, invalidation of all key cards, disabling of SIM cards, and others.

Hackers even claim to have permanently damaged some physical devices with the malware Fuxnet, which they describe as “Stuxnet on steroids.” They degraded the sensory equipment by NAND/SSD exhaustion and introduction of bad CRC (cyclic redundancy check – error-detecting code) into the firmware.

sensors_overview_graphic

“About 1,700 sensor routers were destroyed. The central command-dispatcher and DataBase have been destroyed. All 87,000 sensors are offline,” hackers said and shared a lot of screenshots of their activities.

For a while, the webpage moscollector.ru and social media accounts belonging to the company were defaced.

sensors_sample-overview-admin-interface1

As first reported by liga.net, it may take from two weeks to up to a month to restore the functionality of the systems.

At the time of writing Moskollector’s website was up and running. The real extent of the damage is unclear.

A few days ago, the same Ukrainian hackers destroyed a data center used by the Russian military, energy, and telecommunications industries.


More from Cybernews:

The $100 cybersecurity budget – how cyber pros would spend it

New AI act forces companies to disclose use of copyrighted content

Cybergang attack Germany using AI-generated code

Apple warns of 'mercenary spyware attack'

LockBit bungles attempt to rebrand as DarkVault

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked