Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group

Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group | The Record from Recorded Future News Image: Unsplash+/Roseltorg Daryna Antoniuk January 14th, 2025 Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group Russia’s main electronic trading platform for government and corporate procurement confirmed on Monday that it had been targeted by a cyberattack after initially claiming that outages were caused by “maintenance work.” Roseltorg is one of the largest electronic trading operators selected by the Russian government to conduct public procurement, including contracts in the defense and construction industries. The platform also offers tools for electronic document management and procurement planning. The company initially confirmed last Thursday that its services had been temporarily suspended, without providing further details. In a recent Telegram statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading." Roseltorg stated that all data and infrastructure affected by the recent attack had been fully restored, and trading systems are expected to resume operations shortly. However, as of the time of writing, the company's website remains offline. Last week, the previously unknown pro-Ukraine hacker group Yellow Drift claimed responsibility for the attack on Roseltorg, stating they had deleted 550 terabytes of data, including emails and backups. As proof, the hackers published screenshots from the platform’s allegedly compromised infrastructure on their Telegram channel. “If you support tyranny and sponsor wars, be prepared to return to the Stone Age," the hackers said. The cyberattack on Roseltorg is already impacting clients who rely on the platform’s operations, including government agencies, state-owned companies and suppliers. Following the company’s announcement, many clients expressed concerns in the comments section, complaining about potential financial losses and delays in the procurement process. Roseltorg said in a statement that once access to the trading systems is reinstated, all deadlines for procedures, including contract signings, will be automatically extended without requiring any requests from users. According to local media reports , Roseltorg serves some of the largest Russian corporations, including oil company Lukoil, digital service provider Rostelecom and diamond mining company Alrosa, as well as government agencies such as the Ministry of Defense and internet regulator Roskomnadzor. Roseltorg is one of several Russian companies targeted by pro-Ukraine hackers this month. Last week, a group of hackers with unknown ties claimed responsibility for breaching Rosreestr , a Russian government agency responsible for managing property and land records. Another hacker group known as the Ukrainian Cyber Alliance also claimed responsibility for an attack on the Russian internet provider Nodex, stating that it destroyed the company’s infrastructure overnight. Nodex confirmed the attack. On Monday, a Ukrainian hacker group called Cyber Anarchy Squad announced it had attacked the Russian tech company Infobis, which develops systems for planning, monitoring, and accounting of agricultural work. The hackers claimed to have exfiltrated three terabytes of information and destroyed part of the company’s infrastructure. Infobis has not commented on the alleged attack. Cybercrime Government News Technology Get more insights with the Recorded Future Intelligence Cloud. Learn more. No previous article No new articles Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post. Briefs Cyberattack on telecom giant Rostelecom disrupts internet services across Russia April 6th, 2026 FBI: Cyber fraud surges to $17.6 billion in losses as scams, crypto theft soar April 6th, 2026 Big tech vows to continue CSAM scanning in Europe despite expiration of law allowing it April 6th, 2026 First stalkerware maker prosecuted since 2014 receives no jail time April 6th, 2026 Singapore, US warn of latest Fortinet bug being exploited in wild April 6th, 2026 Major outage hits Russian banking apps, metro payments across regions April 6th, 2026 Hackers threaten to leak data after cyberattack on German party Die Linke April 6th, 2026 FCC proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic April 3rd, 2026 EU cyber agency attributes major data breach to TeamPCP hacking group April 3rd, 2026 Understanding and Anticipating Venezuelan Government Actions Latin America and the Caribbean Cybercrime Landscape ClickFix Campaigns Targeting Windows and macOS 2025 Year in Review: Malicious, Infrastructure Preparing for Russia’s New Generation Warfare in Europe