Killnet claims to be working in concert with a resurgent form of the notorious ReVIL ransomware gang. The goal? To mount an attack on the Western financial system.
The group is warning that attacks are imminent, as in the next day or so; but it’s unclear whether the threats amount to anything more than bluster and saber-rattling, particularly given Killnet’s past track record of, at most, carrying out mildly disruptive distributed denial of service (DDoS) attacks.
Even so, in a video posted on a Russian Telegram channel on June 16, Killnet made ominous threats against the SWIFT banking system (famously targeted by Lazarus in 2018); the Wise international wire transfer system; the SEPA intra-Europe payments service; central banks in Europe and the US (i.e., the Federal Reserve); and other institutions.
“The post claims that threat actors from Killnet, REvil, and Anonymous Sudan will unite for the campaign,” according to ZeroFox researchers, writing in a flash alert on the threat. “Killnet indicates that the attack is motivated by the US providing weapons to aid Ukraine, stating: ‘repel the maniacs according to the formula, no money — no weapons — no Kiev regime.’”