Cyberattack hits European Investment Bank

Follows a warning to the financial sector from Russian hackers

Cyberattack hits European Investment Bank

Hackers have pulled off a cyberattack on the European Investment Bank (EIB), coinciding with recent threats from Russia about destabilising the Western financial system.

"We are currently facing a cyber attack which affects the availability of eib.org and eif.org. We are responding to the incident," the bank wrote on Twitter on Monday.

The bank's website experienced a complete outage after the attack. The European Investment Fund's (EIF) website (a part of the EIB that facilitates financial access for small- and medium-sized businesses) remained functional, although with a modified appearance.

A spokesperson from the EIB said the bank was actively dealing with the cyberattack.

The EIB is the European Union's development bank, with headquarters in Luxembourg City. The bank employs more than 3,000 people, and has a balance sheet exceeding €500 billion.

The cyberattack against the EIB coincides with a recent warning from Russian-speaking hackers, threatening to launch attacks on Western financial institutions due to their support for Ukraine.

Last week three prominent hacker groups - Killnet, Anonymous Sudan and REvil - jointly declared themselves the "Darknet Parliament". The term quickly gained traction among threat analysts, emerging as a trending keyword on Twitter.

"72 hours ago, three heads of hacker groups from Russia and Sudan* held a regular meeting in the DARKNET Parliament and came to a common decision: SOLUTION №0191. Today we are starting to impose sanctions on the European banking transfer systems SEPA, IBAN, WIRE, SWIFT, WISE," wrote Killnet.

* Editor's note: There is doubt that Anonymous Sudan is actually a Sudanese organisation. Signs indicate it is more likely Russian in origin.

Killnet first appeared at the start of Russia's invasion of Ukraine. It has since posted claims of distributed denial of service (DDoS) attacks on websites in countries that have condemned the invasion and declared themselves allies of Ukraine.

Last June, Killnet claimed to have launched a DDoS attack on Lithuania in response to the country's decision to block the transit of goods subject to EU sanctions to Russia's Kaliningrad enclave.

In August, the group said it planned to target Lockheed Martin, the manufacturer of the US-made rocket launchers the Ukrainian military has been using in the war. The gang claimed it had breached Lockheed's identity authorisation system.

Killnet also claimed responsibility for temporarily taking US airport websites offline in October. It published a list of US airports on Telegram and encouraged hackers to take part in DDoS attacks.

Earlier this year, Killnet took responsibility for a series of DDoS attacks targeting NATO and the US Air Force's Strategic Air Command.

Both organisations experienced website outages as a result of the attacks.

Last week Microsoft confirmed that its services, including Teams and Outlook, fell victim to DDoS attacks earlier this month. A cybersecurity firm implicated Russian hackers as the perpetrator.

While Microsoft referred to the attacker by the code name "Storm-1359," Anonymous Sudan claimed responsibility.