Colorado, Connecticut, Mississippi, and Kentucky had their state government websites impacted by outages on Wednesday following a distributed denial-of-service attack by Russian hacking group Killnet, reports StateScoop.
While most of the affected websites were restored by Thursday, Colorado is still using a temporary site amid recovery efforts. "The Governor's Office of Information Technology and State Emergency Operations Center are actively working with state and federal partners to restore access to the Colorado.gov Portal homepage. Security measures are also being taken to ensure that state websites and services remain unaffected," said Colorado officials. Dozens of U.S. state government websites have been found on a target list being shared on Killnet's Telegram channel. Killnet has also posted messages suggesting that it will disrupt sites for 72 hours. "Killnet seems to be a semi-structured organization with effective communication. Although they have managed some level of success in their campaigns, there is no evidence that they use or develop custom tools or even that they reuse very sophisticated tools in their attacks," said Forescout in a report.
The surge comes after malicious actors impersonated well-known brands, such as Adobe Reader and Microsoft Teams, to deliver numerous malware strains, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer and Vidar.
At least 1,200 Redis database servers worldwide have been compromised by a sophisticated piece of malware since September 2021, while more than 2,800 uninfected servers remain at high risk of exploitation.