May 27, 2022

TheCyberThrone

Thinking Security ! Always

A Widget breach to attack Russian Websites

Russian cyber defence team thwarted a cyber-attack that sought to compromise government websites via a hacked statistics widget.

Developed by the Russian Ministry of Economic Development and built into the websites of several state-run agencies, was hacked last week and this allowed unidentified hackers to “publish incorrect content on the pages of the websites”, a representative of Russia’s communications agency told official news agency Interfax. Prompted to localize the incident and prevented the massive disruption and restore the services within an hour

Advertisements

The widget used to collect visitor statistics was reportedly hacked by unidentified parties as part of a software supply chain attack.

The compromised websites included those maintained by the “Russian Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, the Energy Ministry, the Federal State Statistics Service, and a number of other agencies”.

This has been seen as an example of conflict that has accompanied Russia’s invasion of Ukraine spilling over into cyberspace.

In a similar kind of attack, earlier this month at least 30 Ukrainian university websites were hacked as part of a larger operation by pro-Russian attackers against WordPress-hosted sites.

%d bloggers like this: