A significant cybersecurity breach has impacted LANIT, a leading Russian IT service and software provider. The attack, which occurred on February 21, 2025, affected two entities under the LANIT Group: LLC LANTER and LLC LAN ATMservice. Both companies specialize in banking technology, providing software for banking equipment, payment systems, and ATMs. The breach has raised concerns due to LANIT’s prominent role in the Russian IT sector, with clients including the Russian Ministry of Defense and key players in the military-industrial complex.
The National Coordination Center for Computer Incidents (NKTsKI) issued a warning to organizations in Russia’s credit and financial sector, urging them to take immediate actions. They advised affected parties to rotate passwords, access keys, and change remote access credentials for systems hosted in LANIT’s data centers. This precaution was recommended for all organizations utilizing LANIT’s software products, especially those whose systems were developed, deployed, or maintained by LANIT engineers. Enhanced monitoring of these systems is also strongly advised.
Although NKTsKI did not provide specifics on how the attackers infiltrated LANIT’s network, they did issue a series of security measures to mitigate the potential damage. The breach is particularly concerning due to LANIT’s connection to the military-industrial sector, which has made it a target for various cyber actors in the past. However, there is no official statement regarding what data may have been stolen or who might be behind the attack.
Given the critical nature of LANIT’s services in the banking and financial sector, this breach poses a significant risk to Russian ATM operators and financial institutions. The attack highlights the vulnerabilities in the supply chain, as compromised service providers like LANIT could potentially allow attackers to infiltrate multiple connected organizations. As Russian authorities continue their investigation, businesses using LANIT’s infrastructure are urged to take additional precautionary measures.
Reference:
