SecurityScorecard’s researchers have published a list of proxy IPs used by the pro-Russia group, Killnet, with the intent of interfering with their operation and blocking their attacks. To help organizations better protect themselves, SecurityScorecard has released a list of proxy IPs to assist in preventing DDoS attacks from the Killnet group.
The Killnet Group: Active Since March 2022
The Killnet group has been active since March 2022 and has launched DDoS attacks against governments and critical infrastructure in countries that support Ukraine, including Italy, Romania, Moldova, the Czech Republic, Lithuania, Norway, and Latvia.
European Hospitals Targeted by Killnet Group
Early this month, the Dutch National Cyber Security Centre (NCSC) reported that the websites of several hospitals in the Netherlands and Europe were hit by DDoS attacks carried out by the Killnet group.
The group of hackers launched the offensive against the hospitals due to their support for Ukraine. In addition to the Netherlands, hospitals in the UK, Germany, Poland, Scandinavia, and the United States have also been targeted by Killnet.
Pro-Russia Group Intensifies Attacks
Last week, the pro-Russia group intensified their activity by launching a series of DDoS attacks against the websites of German airports, administration bodies, and banks.
The attacks are in response to the German government’s decision to send Leopard 2 tanks to Ukraine. In November, Killnet claimed responsibility for the DDoS attack on the European Parliament website, which was launched immediately after lawmakers approved a resolution calling Moscow a “state sponsor of terrorism”.
List of Proxy IPs Shared by Experts
The list of proxy IPs shared by SecurityScorecard experts also includes addresses used by other hacking groups. The list, which was published on GitHub, contains around 17,746 IP addresses.
By knowing these IP addresses, organizations can blacklist them and prevent DDoS attacks originating from them.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.