Hacker Claims to Take Down Russian Bank Websites on Election Day
Apparently, the hacker’s clients are annoyed at Russia’s alleged interference in the US election.
Alpha-Bank signage in Moscow in May 2016. Image: BestPhotoPlus/Shutterstock
Just as Americans are lining up to vote, one DDoS-for-hire service has already claimed responsibility for several brief attacks against Russian targets, apparently in response to the country's alleged interference throughout the US election.
On Tuesday, a hacker calling himself vimproducts showed Motherboard a selection of Russian banking and other financial websites, before claiming to take them offline.
Those sites included the Moscow Exchange, the Bank of Moscow, Rosbank, and Alfa-Bank. One by one, vimproducts sent Motherboard a link to the site which was fully functional. Moments later, they became either unresponsive or went offline. At the time of writing, three out of four all still inaccessible, about an hour after vimproducts claimed he started his DDoS attacks.
It is vimproduct's customers that wanted to target Russian websites, he said.
"Russia is bothering some clients with their effects on the US election," he claimed in an online chat.
Vimproducts would not say how much his alleged clients had paid for these attacks, but usually he charges $25 or $150 a day depending on the attack and site. According to his profile on the dark web marketplace AlphaBay, vimproduct's $150 service is "meant for either protected websites, or medium-large websites."
"Obviously this costs more," he said, referring to the Russian attacks.
Vimproducts also tried to take down the website of the Russian Ministry of Economic Development, but after several attempts the site remained online.
It's important to note that vimproducts sought out journalists to cover his alleged attacks: he emailed a Motherboard reporter with an interview offer. In our chat, he conceded that hitting Russian targets on Election Day is good PR for his business. (He also asked Motherboard to include his contact details, but we declined).
"It's also pretty bad PR for Russia :)" he wrote.
He also castigated the allegedly targeted banks for their "flawed security."
"DDoS protection is inadequate. Should not be this easy to take them down," he said.