Ukraine’s military intelligence (HUR) said Thursday it launched a cyberattack that crippled Russia’s fast payment system, halting digital transactions across multiple regions.
According to Kyiv Post sources in HUR, the operation targeted Russia’s “System of Fast Payments” (SBP) – a platform widely used for instant money transfers, including donations to organizations supporting Moscow’s war in Ukraine.
The strike, described as a large-scale distributed denial-of-service (DDoS) attack, also hit the provider TransTeleCom.
A DDoS attack is a form of cyberattack that overwhelms a website or online service with so much traffic that it can no longer function normally.
The attack reportedly left many Russians unable to complete online payments or carry out routine transactions. Social media posts from residents in Yekaterinburg reported failures in paying for public transport rides and fuel purchases at gas stations.
Kyiv Post’s sources in HUR said the cyberattack also knocked out internet and interactive television services for hundreds of thousands of subscribers of local providers across multiple regions.
Preliminary estimates put the financial damage from the disruption at up to $30 million, according to the intelligence agency.
Moscow has not publicly commented on the reported incident, and the scale of the disruption could not be independently verified.
A day prior, HUR said its cyber specialists have also breached the servers of Moscow-installed authorities in occupied Crimea for the second time in recent months, obtaining over 100 terabytes of sensitive data.
A HUR source told Kyiv Post that the hacked files include official correspondence by the Russia-installed head of Crimea, Sergey Aksyonov, as well as internal communications between ministries and agencies of the occupation government.
Among the documents are lists and the personal data of Ukrainian children illegally removed from the occupied areas of the Donetsk, Luhansk, Kherson and Zaporizhzhia regions to Crimea and Russia.
The information, which includes details about guardians and the children’s residence and schooling, has been passed to law enforcement for investigation of potential war crimes.
Another earlier operation targeted Russian systems during nationwide voting on Sept. 14, including those in other occupied Ukrainian territories.
During the attack, HUR cyber specialists paralyzed the digital resources of Russia’s Central Election Commission (CEC), preventing many Russians from casting ballots in gubernatorial and mayoral races.
The attack also targeted the servers of the CEC’s remote e-voting platform, backbone routers of the state-owned telecom provider Rostelecom, and servers of the government services portal “Gosuslugi.”