IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Ukraine's vigilante IT army now has a DDoS bot to automate attacks against Russia

The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders

Ukraine’s unofficial ‘army’ of IT vigilantes has developed a new automated attack tool to increase the effectiveness of its cyber attacks against Russian domains.

Its “attack automation bot” was built to help more people easily launch distributed denial of service (DDoS) cyber attacks against Russia. The new tool encourages individuals to donate their cloud resources to the bot, which is capable of launching a “coordinated attack from all the available servers”.

“To run all our attacks at the same time we recommend to use our new DDoS bot,” the group said on its website. “All you need is [to] send credentials to your servers to our bot and check how [the] attack is going via Telegram bot.”

Flow chart showing how the automated DDoS bot works

Should they wish to, supporters are also encouraged to purchase and share the credentials of new servers that can be bought for the sole purpose of strengthening the botnet's attack.

The organised group of cyber-savvy individuals who want to actively support Ukraine from afar has been growing in number since the start of the conflict. The group is assembled on Telegram and currently has more than 270,000 members.

The group’s members are fed instructions by leaders on a daily basis, complete with IP addresses, specific ports, and web domains that need to be targeted to disrupt the Russian regime as the war continues.

Past targets have included media organisations, banks, airlines, and app stores.

Russian cyber attacks against Ukraine have been large and sustained, starting weeks before the conflict broke out.

The Five Eye intelligence alliance confirmed last week that it believed with a high degree of confidence that Russia was behind the attacks on Ukraine in the early stages of the war.

The attacks on Ukrainian government websites in January, which also involved the use of the destructive Whispergate ‘wiper’ malware, were attributed to Russia’s military intelligence service, the GRU, as was the 24 February attack on communications company Viasat.

Related Resource

The Total Economic Impact™ of Mimecast

Cost savings and business benefits enabled by using Mimecast with Microsoft 365

Total economic impact of Mimecast - whitepaper from MimecastFree download

The attack on Viasat was conducted one hour before the Russia invasion of Ukraine became official and it was later revealed to have had effects in wider Europe, as wind farms and individual internet users outside of Ukraine also suffered outages.

The collateral effects of the Viasat attack were the most visceral examples of the ‘spillover effects’ many experts believed would affect Europe in the ongoing war between Russia and Ukraine in cyber space.

Russia has a history of launching devastating attacks on Ukraine dating back many years. Some of the most significant incidents have involved the use of Petya malware and repeated targeting of the country’s power grid, firstly in 2015, then again in 2016, and most recently in April 2022.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download


What is cyber warfare?

What is cyber warfare?

20 May 2022

Most Popular

Salaries for the least popular programming languages surge as much as 44%

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Swift exit: How the world cut off Russian banks

Swift exit: How the world cut off Russian banks

24 Jun 2022