Russian hacker group claims responsibility for Kyivstar cyberattack

A Russian hacker group claimed responsibility for the recent cyberattack against Ukraine’s leading phone operator, Kyivstar, the Security Service of Ukraine (SBU) reported on Dec. 13.

Ukraine came under a massive cyberattack on Dec. 12, which targeted Kyivstar and one of the country’s largest banks, Monobank. People across the country reported internet and network outages, as well as issues with air raid alerts.

Work to restore services is underway, and the home internet is expected to be fixed later on Dec. 13, the SBU said. The restart of phone connection and phone internet services is planned for the same day.

According to Ukraine’s security service, the hacker group allegedly responsible for the attack is under the command of Russia’s military intelligence agency, the GRU.

Russia has been repeatedly accused of backing cyber-crime groups in attacks against its rivals. Moscow has also deployed its cyber capabilities against Ukraine, including attacks on government institutions, the defense sector, and energy infrastructure.

Although the SBU did not specify the group’s name, a Russian hacker group called Solntsepek claimed responsibility for the attack against Kyivstar in a statement published on Telegram earlier on Dec. 13.

“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine, as well as government agencies and law enforcement agencies of Ukraine,” the group wrote on social media.

Solntsepek claimed that its attack had “destroyed” 10,000 computers, over 4,000 servers, and all cloud storage and backup systems.

Kyivstar denied that any computers or servers had been destroyed. The company also noted that subscribers’ personal data remains safe.

The SBU, however, acknowledged that the attack resulted in critical damage to Kyivstar’s digital infrastructure.

According to, Solntsepek has carried out hostile activities against Ukraine in the past, which included revealing the personal details of Ukrainian soldiers.

Ukraine’s cyber defense agency connected Solntsepek to Sandworm, a hacker group run by the GRU.

Read also: Massive cyberattack reported on Ukrainian bank, phone operator

We’ve been working hard to bring you independent, locally-sourced news from Ukraine. Consider supporting the Kyiv Independent.