Monobank

Monobank, also referred to as Monobank Ukraine, is a mobile‑only bank whose headquarters are located in Ukraine. It delivers its banking services exclusively through a smartphone application, allowing retail customers to open accounts, make payments, transfer funds, manage payment cards, and access other core financial functionalities without the need for physical branches. The bank’s design focuses on providing a seamless digital experience for individuals who prefer to handle their finances via mobile devices, reflecting a broader shift toward app‑based banking in the Ukrainian market. By operating without a traditional branch network, Monobank reduces overhead costs and can quickly roll out feature updates directly to users’ phones. Its service model is aimed at tech‑savvy consumers who value convenience, speed, and the ability to conduct banking operations anytime and anywhere. As a digital bank, Monobank is subject to the regulatory oversight of the National Bank of Ukraine, which ensures compliance with national banking laws and consumer protection standards. The institution’s positioning within the Ukrainian financial sector emphasizes innovation, accessibility, and a customer‑centric approach to delivering everyday banking solutions. While the bank’s primary market is domestic, its mobile nature also enables it to serve Ukrainians abroad who retain access to the app and its core features. Overall, Monobank exemplifies a modern, app‑driven banking model that leverages technology to meet the financial needs of a growing digital‑savvy population.

Monobank has repeatedly shown an ability to withstand exceptionally large distributed denial‑of‑service attacks while keeping its services available to customers. In July 2024 the bank endured an extremely large‑scale DDoS assault that lasted several days, during which its co‑founder reported that approximately 5.5 billion malicious requests were generated and the bank confirmed that it remained operational throughout the incident. The attack began with roughly one billion requests in the first three hours, a volume described by Amazon Web Services personnel who assisted in the response as atypical in scale, and Ukrainian special services also offered support; despite the unprecedented traffic, the situation was characterized as being under control. Earlier, in October 2022, Monobank was targeted by a DDoS attack that peaked at six million requests per minute, coinciding with a wave of Russian missile strikes that caused power and internet disruptions across Ukraine. During that episode the bank’s online services stayed functional, and it simultaneously hosted a successful crowdfunding campaign on its platform for Ukrainian‑made kamikaze drones that raised over five point seven million dollars within eight hours, demonstrating that the bank could support national initiatives even while under cyber pressure. No hacking group claimed responsibility for the 2022 attack, and the bank’s resilience was aided by backup generators and satellite internet systems that kept critical infrastructure running amid the broader physical and digital assaults. These episodes underscore Monobank’s robust cybersecurity posture, its capacity to maintain service continuity under extreme traffic loads, and its role as a digital financial institution that can contribute to wartime resilience efforts. Headquartered in Ukraine, Monobank continues to operate as a prominent example of a mobile bank that balances innovative service delivery with strong defensive capabilities against sophisticated cyber threats.