RISKS
What happened
On Monday, April 25, 2022, the Russian-linked Stormous hacking group claimed on its website that it had hacked Coca-Cola and retrieved 161 gigabytes of data. Stormous said it stole financial data, passwords and accounts in the hack before putting the information on the market for $64,000 or 1.6 bitcoin. The team said it had infiltrated the drinks company and got out “without their knowledge”. Coca-Cola said it has launched an urgent investigation and already contacted the police. The claimed hack came after the group reportedly put up a poll on Telegram asking which company it should hack. Of the 103 votes cast, Coca-Cola received 72 percent.
Stormous is a relative newcomer in the hacking world but gained attention at the beginning of the year. It said it had stolen 200 gigabytes of data from Epic Games and later made headlines when it announced its support for the Russian invasion of Ukraine.
It wrote in English at the beginning of March: “The Stormous team has officially announced its support for the Russian governments…And if any party in different parts of the world decides to organize a cyber attack or cyberattacks against Russia, we will be in the right direction, will make all our efforts to abandon the supplication of the West, especially the infrastructure…Perhaps the hacking operation that our team carried out for the government of Ukraine and a Ukrainian airline was just a simple operation, but what is coming will be bigger.” It also issued a warning against ‘western unions’ and US-based companies, after it said it was ‘attacked’ by US companies that shut down its site.
Just a few days after the group’s announcement, on March 8, Coca-Cola announced it was suspending its operations in Russia in opposition to Russia’s invasion of Ukraine.
Why is this important?
It signals an increased threat from hacking groups supporting the Russian government in the war on Ukraine, and it underscores the importance of early detection to minimize the impact of breaches.
What does this mean to me?
It’s never a good thing for your cyber attacker to publicize your data breach first. Detecting cyber attacks quickly is more important than ever to minimize the damage to your company’s reputation.
APPROACHES
Helpful Controls
- Web Application Firewall (WAF)
- Training and adherence to the OWASP v4 Web Application Security Standard
- Managed Detection and Response (MDR), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR)
Commonality of attack
High