U.K. authorities are investigating distributed denial-of-service attacks that have targeted cryptocurrency exchange Currency Com Global LLC, better known as Currency.com.
The attacks started in April after the founder of Viktor Prokopenya, the founder of Currency.com, announced the company was pulling out of Russia in protest against the invasion of Ukraine, MSN reports. Prokopenya condemned the invasion as “Russian aggression” and referred to the invasion as a “terrible war.”
The first attack occurred within hours of Prokopenya’s statement and is believed to have been the first Russian cyber attack on a U.K. company after the invasion had started. Forward to August and the DDoS attacks against Currency.com have continued, with those behind the attacks attempting to knock Currency.com offline.
“The cyber attack has been going on almost on a daily basis every day for the last three months,” Prokopenya said. “It’s like someone repeatedly trying to break down your front door.”
The U.K. National Cyber Security Center does not believe the attacks are being carried out by the Kremlin but likely by criminals who support Russia’s invasion. 18% to 32% of the servers used in the DDoS attacks were located in Russia and Belarus.
Who is specifically behind the attacks remains unknown. Toby Lewis, head of threat analysis at AI cybersecurity company Darktrace Holdings Ltd., told SiliconANGLE that it’s important to be cautious when pointing the finger in cyber warfare.
“Government agencies are yet to claim that this is a Russian state-directed attack and this could be an inaccurate conflation of different data points for the purpose of a news story,” Lewis explained. “It is more likely that the group behind this is state-aligned, meaning their outcomes are consistent with state interests – but there is no solid proof that the Russian state ordered this attack.”
Lewis noted that the attacks against Currency.com are similar in nature to the DDoS attacks undertaken by Killnet. The Russian hacking group targeted organizations with DDoS attack in Lithuania in June and is currently claiming to have attacked aerospace company Lockheed Martin Corp.
“These attacks are not particularly sophisticated and are easy to mitigate from a technical perspective, but threat groups know that they are noisy and will hit the headlines and spark controversy,” Lewis added.