Some Russian federal agencies’ websites were compromised in a supply chain attack, threat actors compromised the stats widget used to track the number of visitors by several government agencies. Threat actors were able to deface the websites and block access to them.
“Disruptions in the operation of the federal agencies’ websites occurred on Tuesday evening due to the hacking of the service (widget) of the monitoring system of state agencies’ websites, which is being maintained by the Ministry of Economic Development and is integrated into the websites of a number of state agencies, the press service for the Russian Ministry of Digital Development, Communications, and Mass Media told Interfax.” reported the Interfax.
The compromised service was restored within an hour of the hack.
The hacked websites included the websites of the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, and other Russian state agencies.
“The websites of state agencies are under serious protection and round-the-clock monitoring by cybersecurity teams. It is difficult to compromise these websites directly, so hackers attack resources through external services and thus gain access to demonstrate incorrect content,” the press service said.
“Hackers hacked an application (widget), which is loaded on the websites of state bodies from an external resource, the press service added. After hacking the widget, hackers were able to publish incorrect content on the pages of the websites. The incident was promptly localized.”
The impacted websites displayed an image against the current invasion of Ukraine.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Russia supply chain attack)
[adrotate banner=”5″]
[adrotate banner=”13″]
Canada's airline WestJet has suffered a cyberattack that impactd access to some internal systems and…
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.…
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec…
Cyberattack on United Natural Foods Inc. (UNFI) disrupts deliveries, causing Whole Foods shortages nationwide after…
This website uses cookies.