Ukraine Monobank Massive Russian DDoS Attack Disrupts Services

Overview
Monobank, one of Ukraine’s prominent online banking services, recently faced a significant distributed denial-of-service (DDoS) attack. Beginning on Friday evening and lasting through Monday morning, the attack involved a staggering 7.5 billion requests per second. Oleh Horokhovskyi, the bank’s CEO, mentioned that such a massive-scale attack was unusual. However, according to Horokhovskyi, the operations of the bank remained unaffected due to rapid collaboration with Ukraine’s security services and Amazon Web Services. There is some disagreement in various media reports on the effects the attack had on the consumer-facing services of the bank.
The attempt to flood the bank with junk internet traffic primarily aimed to disrupt a specific service used by many Ukrainians to raise donations for the military. As a mobile-only bank, Monobank’s infrastructure is vulnerable to such attacks. During a previous incident in January, the bank faced 580 million service requests over three days.
Key Points:
- Attack Volume : Peaked at 7.5 billion requests per second over the weekend.
- Service Integrity : Despite the volume, Monobank claimed to maintain operations without disruption. Some media reports dispute this claim.
- Mitigation Efforts : Joint efforts with security services and Amazon Web Services helped manage the influx.
Horokhovskyi pointed out that this particular attack aimed at hindering the platform used to collect military donations. This service utilizes virtual wallets, making it easy to share and contribute through social media platforms like Instagram. Since Ukraine’s recent incursion into Russia’s Kursk region, the donation rate from customers tripled.
The ongoing donations via Monobank have likely frustrated adversaries, prompting the cyberattack. While Monobank hinted that Russia might be behind the attack, no concrete evidence has been presented. Horokhovskyi labeled Monobank as one of Ukraine’s IT targets facing frequent attacks.
Comparative Incident :
Another Ukrainian entity, EasyWay, which provides public transport information, reported a DDoS attack on the same weekend. The attack posed a potential risk to their operations, but like Monobank, they did not identify a specific group as responsible.
- EasyWay : Public transport service facing similar DDoS attacks.
- Impact : Potential disruptions in their information services.
Interestingly, Russian services are also dealing with DDoS attacks, often originating from Ukraine. For instance, government websites and critical infrastructure in Russia’s Kursk region were targeted following Ukraine’s military activities. Large Russian banks confirmed experiencing DDoS attacks, which disrupted their mobile apps and websites.
Broader Context :
- Ukrainian Response : Increased cyber activities targeting Russian services.
- Russian Cyber-Efforts : Larger banks and infrastructure under frequent DDoS attempts.
This ongoing cyber retaliation reflects the escalating cyberwarfare between Ukraine and Russia. Both countries experience cyberattacks aimed at digital banking services, government websites, and critical infrastructure.
In summary, Monobank’s latest incident underscores the persistent cyber threats faced by Ukraine’s online banking sector. The collaboration with security services and tech companies like Amazon Web Services played a pivotal role in mitigating the attacks, preserving operational integrity despite the high volumes of malicious traffic. Both Ukrainian and Russian services continue to navigate the complexities of these cyber challenges amidst the broader geopolitical conflict.
Frequently Asked Questions

How Did Monobank in Ukraine Respond to the DDOS Attacks?
Monobank quickly identified the onset of the Distributed Denial-of-Service (DDOS) attacks and implemented emergency protocols to mitigate the effects. Their team collaborated with Amazon Web Services to manage the vast number of requests, ensuring that the core banking services remained operational despite the disruptions. This quick response helped to minimize the impact on their customers.
What Is the Impact of the DDOS Attacks on Ukrainian Banking Services?
The DDOS attacks temporarily overwhelmed Monobank’s infrastructure, causing delays and intermittent service issues. Although the core banking functions were largely unaffected, the sheer volume of fake traffic created challenges in maintaining seamless service. Other Ukrainian banks experienced heightened security measures and possible slowdowns as they also prepared for potential threats.
What Measures Are Being Taken to Protect Ukrainian Banks from Cyber Threats?
Ukrainian banks, including Monobank, are enhancing their cybersecurity strategies. They are investing in advanced firewall technologies, regular security audits, and collaboration with international cybersecurity firms. These measures aim to fortify their networks against similar future attacks and ensure continuous service delivery to customers.
Have There Been Any Official Statements from Monobank Regarding the Cyber Attacks?
Monobank’s co-founder and CEO, Oleh Horokhovskyi, has been transparent about the attacks. He confirmed the timeline and scale of the DDoS events and assured customers that steps were being taken to address and prevent further disruptions. The official statements aimed to reassure the public and maintain trust in their banking services.
How Have Other Financial Institutions in Ukraine Been Affected by the DDOS Attacks?
The attacks on Monobank have prompted other Ukrainian financial institutions to bolster their defenses. While there have been no reports of similarly scaled attacks on other banks, the heightened awareness and readiness across the sector illustrate the broader impact. These institutions are now more vigilant and proactive in their cybersecurity measures to prevent similar incidents.
Building better solutions for better business®


