Cyber Incident Victim: Monobank

On the evening of 16 August 2024, Monobank, a Ukrainian financial institution, experienced the initial wave of an extensive distributed denial-of-service (DDoS) attack targeting its digital services. Co-founder Oleh Horokhovsky publicly disclosed the incident via Telegram, reporting approximately one billion malicious requests directed at the bank's systems within the first three hours of the assault. The attack persisted continuously for at least three days, escalating to 5.5 billion cumulative requests by 1 August 2024 according to Horokhovsky's updates. The sustained bombardment represented an unusually large-scale offensive against the bank's infrastructure, though specific technical details regarding affected systems or customer service disruptions were not disclosed in public statements. Monobank's operational resilience was maintained throughout the incident, with Horokhovsky emphasizing "We are still standing" despite the volumetric attack.

The bank's response involved coordinated efforts with Amazon Web Services (AWS) infrastructure specialists, who intervened due to the atypical scale of the attack even by cloud service standards. Ukrainian intelligence agencies independently offered operational assistance to Monobank, though the nature and extent of their involvement remained unspecified in public communications. Horokhovsky characterized the situation as "under control" while acknowledging the impressive magnitude of the assault. No threat actor attribution, financial impact assessments, or data compromise indicators were disclosed during the reported timeframe. The incident represented one of the largest publicly disclosed DDoS attacks against Ukraine's financial sector at the time, though comparative metrics against previous incidents weren't provided.