Pro-Ukraine Hackers Claim Massive Aeroflot Cyberattack
Pro-Ukraine hacktivist group Silent Crow has claimed responsibility for a major cyberattack on Russia's national airline, Aeroflot. The incident, which occurred at the end of July 2025, resulted in significant flight disruptions and data theft.
The group, along with another pro-Ukrainian hacker collective, reportedly accessed and compromised Aeroflot's flight history databases, corporate systems, and employee computers. The attack led to the cancellation of over 50 flights, causing maximum disruption to Russian holidaymakers. Silent Crow claimed to have destroyed 7000 physical and virtual servers and exfiltrated a massive 20TB of data, including personal information of all Russians who have flown with Aeroflot.
Steve Povolny, senior director of security research at Exabeam, described the incident as one of the most disruptive Russia has experienced since invading Ukraine. He highlighted the need for continuous threat hunting, network segmentation, disaster recovery planning, and industry-government collaboration to defend critical civilian systems during wartime.
Silent Crow's claim to have compromised and destroyed Aeroflot's internal IT infrastructure has raised serious concerns. The group has promised to release the stolen data, which could potentially expose sensitive personal information of millions of Russians. This incident serves as a stark reminder of the vulnerabilities of critical infrastructure in the face of cyber threats, particularly during times of conflict.
