Pierluigi Paganini October 07, 2024

Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv’s hackers.

A Ukrainian government source told Reuters that Kyiv’s hackers are behind the cyber attack that disrupted operations at the Russian state media company VGTRK on Putin’s birthday.

The All-Russia State Television and Radio Broadcasting Company (VGTRK, Russian: ВГТРК) or Russian Television and Radio Broadcasting Company, also known as Russian Television and Radio, is a national state-owned broadcaster which operates many television and radio channels in 53 of Russia’s languages. The company was founded in 1990 and is based in Moscow.

Kremlin spokesman Dmitry Peskov told media that an “unprecedented hacker attack on its digital infrastructure” is the root cause of the disruption.

The cyberattack on VGTRK disrupted online broadcasts, internal services, and communications, reportedly wiping servers and backups.

Early on Monday, the cyber attack took offline the website of VGTR along with its Rossiya-24 rolling 24-hours news channel.

Users who attempted to view the live stream reportedly received the following message:

“503 Service Unavailable. No server is available to handle this request,”

“Our state media holding, one of the largest, has faced an unprecedented hacker attack on its digital infrastructure,” Peskov told reporters. “Specialists are working to find out all the circumstances, to understand where the traces left behind by those who organised this hacker attack on the critical infrastructure object lead.”

“Ukrainian hackers ‘congratulated’ Putin on his birthday by carrying out a large-scale attack on the all-Russian state television and radio broadcasting company,” A Ukrainian government source told Reuters,.

According to local media, the attackers employed a malicious code that wiped the VGTRK servers, the wiper also destroyed the backups.

Russian government officials have yet to publicly attribute the cyber attack to Ukraine.

Russian media have been targets of the cyber attack since the beginning of the conflict, the Kremlin states that these cyber operations are part of a broader “hybrid war.”

During the Russian invasion of Ukraine, VGTRK faced accusations of spreading propaganda, disinformation, and inciting hate. In 2017, Lithuania banned one of its channels, RTR Planeta.

Update October 8, 2024: The Russian authorities believe that the pro-Ukrainian group ‘Sudo rm-RF’ launched the attack against VGTRK.

Russian Foreign Ministry spokesperson Maria Zakharova announced that the Russian government will raise this issue at the UN and UNESCO.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, information warfare)