Ukraine's vigilante IT army now has a DDoS bot to automate attacks against Russia
The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders

Ukraine’s unofficial ‘army’ of IT vigilantes has developed a new automated attack tool to increase the effectiveness of its cyber attacks against Russian domains.
Its “attack automation bot” was built to help more people easily launch distributed denial of service (DDoS) cyber attacks against Russia. The new tool encourages individuals to donate their cloud resources to the bot, which is capable of launching a “coordinated attack from all the available servers”.
“To run all our attacks at the same time we recommend to use our new DDoS bot,” the group said on its website. “All you need is [to] send credentials to your servers to our bot and check how [the] attack is going via Telegram bot.”
Should they wish to, supporters are also encouraged to purchase and share the credentials of new servers that can be bought for the sole purpose of strengthening the botnet's attack.
The organised group of cyber-savvy individuals who want to actively support Ukraine from afar has been growing in number since the start of the conflict. The group is assembled on Telegram and currently has more than 270,000 members.
The group’s members are fed instructions by leaders on a daily basis, complete with IP addresses, specific ports, and web domains that need to be targeted to disrupt the Russian regime as the war continues.
Past targets have included media organisations, banks, airlines, and app stores.
Russian cyber attacks against Ukraine have been large and sustained, starting weeks before the conflict broke out.
The Five Eye intelligence alliance confirmed last week that it believed with a high degree of confidence that Russia was behind the attacks on Ukraine in the early stages of the war.
The attacks on Ukrainian government websites in January, which also involved the use of the destructive Whispergate ‘wiper’ malware, were attributed to Russia’s military intelligence service, the GRU, as was the 24 February attack on communications company Viasat.
The Total Economic Impact™ of Mimecast
Cost savings and business benefits enabled by using Mimecast with Microsoft 365
FREE DOWNLOAD
The attack on Viasat was conducted one hour before the Russia invasion of Ukraine became official and it was later revealed to have had effects in wider Europe, as wind farms and individual internet users outside of Ukraine also suffered outages.
The collateral effects of the Viasat attack were the most visceral examples of the ‘spillover effects’ many experts believed would affect Europe in the ongoing war between Russia and Ukraine in cyber space.
Russia has a history of launching devastating attacks on Ukraine dating back many years. Some of the most significant incidents have involved the use of Petya malware and repeated targeting of the country’s power grid, firstly in 2015, then again in 2016, and most recently in April 2022.
ITPro Newsletter
A daily dose of IT news, reviews, features and insights, straight to your inbox!
Connor Jones is the News and Analysis Editor at ITPro, CloudPro, and ChannelPro. He oversees the three publications’ news strategies and reports breaking news on the topics of cyber security, software, and Big Tech firms. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.
Most Popular
Resources
A daily dose of IT news, reviews, features and insights, straight to your inbox!
Thank you for signing up to ITPro. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.