Beeline, one of Russia’s largest telecom providers with over 44 million subscribers, faced a major disruption on Monday following a large-scale distributed denial-of-service (DDoS) attack. The attack targeted the company’s mobile app, website, and internet services, causing widespread connectivity issues, particularly in Moscow and surrounding regions. According to reports from outage-tracking services and user complaints, many Beeline users experienced difficulties accessing services, including app failures and internet disruptions. The company confirmed the attack and noted that its specialists worked swiftly to address the issue, although they did not provide further details on the full scope or the impact of the attack.
This cyberattack follows a similar incident in February, where Beeline experienced another large-scale disruption due to a DDoS attack.
The attacks, which also affected home and mobile internet services, are part of a broader trend of hacktivist-driven cyberattacks targeting Russia’s telecom sector. Earlier in the year, another major Russian telecom provider, MegaFon, was targeted in a similar attack, with both incidents being attributed to politically motivated threat actors. A cybersecurity source revealed that the attack on Beeline involved malicious traffic from 1,600 IP addresses, with a similar attack on MegaFon originating from 3,300 IP addresses, making the Beeline attack more concentrated per IP address.
Beeline was previously owned by Veon, a Netherlands-based company that also owns Kyivstar in Ukraine.
Following the invasion of Ukraine, Veon sold its Russian assets, including Beeline, as part of its exit strategy. The company has since operated independently, but the ongoing cyberattacks in Russia’s telecommunications sector continue to target critical communication infrastructure. In 2023, Kyivstar suffered one of the most significant Russia-linked cyberattacks, resulting in widespread service disruptions and estimated losses of nearly $100 million.
The attack on Beeline is part of a broader wave of cyber incidents affecting Russia’s telecom companies. Other providers, including Rostelecom, have also been targeted, with hacker groups like Silent Crow claiming responsibility for data leaks and other attacks on contractors. In addition, the Ukrainian Cyber Alliance has targeted Russian providers like Nodex, claiming responsibility for the destruction of their infrastructure. These incidents underscore the growing risk of politically motivated cyberattacks on Russia’s telecommunications sector, with DDoS attacks making up a significant portion of the cyber threats faced by the industry.
Reference:
