Cyber Incident Victim: Kraft-S
Date: Dec 2025
Location: Russia
Summary
A Russian internet service provider, Kraft-S, suffered a cyberattack in which Ukrainian hacktivists wiped its network routers, causing extended connectivity disruptions for customers. The incident was claimed by the BO Team, a Ukrainian group that also targeted another Russian ISP during the same campaign, employing similar disruptive tactics to compromise critical infrastructure.
Description
Ukrainian hacktivists from the BO Team executed a disruptive cyberattack against Russian internet service provider Kraft-S in Samara during the New Year's Eve period. The attackers infiltrated Kraft-S's network infrastructure and deliberately wiped the configuration data from routers, causing widespread connectivity outages for customers. Service disruptions persisted for multiple days as technicians worked to restore router configurations and re-establish network operations. The incident mirrored a simultaneous attack against SimStar, another Russian ISP based in Crimea, which the same group claimed to have compromised using identical methods. Kraft-S did not publicly disclose technical specifics regarding the intrusion vector, the number of affected routers, or the total customer impact. No evidence suggested data theft or secondary objectives beyond network disruption.

The BO Team openly claimed responsibility for both ISP attacks through undisclosed channels, framing the operations as part of ongoing hacktivist activities against Russian entities during the Ukraine conflict. Kraft-S issued no detailed public statements regarding incident response timelines, forensic findings, or mitigation measures beyond acknowledging the service interruption. The company's restoration efforts focused on rebuilding router configurations to resume connectivity, though the timeline for full recovery remained unclear. No ransomware deployment, financial demands, or data leaks accompanied the attack, distinguishing it from contemporaneous incidents like the Copec ransomware attack or the Anubis group's dark web posts. The disruption highlighted vulnerabilities in ISP network management systems, particularly regarding configuration integrity protections against destructive attacks.
