Killnet, the Russian hacker group whose members call themselves ‘hacktivists’, has been on a spree targeting US websites. Their most recent venture targetted 49 US-based airport websites, knocking 13 of them offline temporarily. Last week, they attacked several state websites in US, taking down Colorado’s for more than a day, and interrupting Kentucky’s briefly.

Killnet mainly targets websites of state institutions providing services to citizens. Apart from US, it has previously targetted Japan, Latvia, Norway, Lithuania, Italy, Czech Republic, Moldova and Romania. It also famously attacked the website of the Eurovision Song Contest 2022.

Also read: 13 US airport websites go offline after threat from Russian hacker group Killnet

What is Killnet?

Killnet is a hacker group that specialises in a form of cyberattack known as Denial of Service (DoS) and Distributed Denial of Service (DDOS). They are believed to have been formed sometime in March 2022 during the Russian invasion of Ukraine and are openly pro-Russian and Putin. 

In the case of both DoS and DDoS attacks, Killnet paralyses websites by making their services inaccessible to intended users. It is achieved by overloading a website’s server by flooding it with numerous artificially generated sessions as a result of which it fails to respond to genuine service requests.

In the case of DoS, the artificial requests originate from a single source, whereas for DDoS attacks, it comes from multiple sources distributed across different parts of the world. 

Although DoS and DDOS attacks do not cause any long-term damage, they can lead to websites going offline for anything between a few hours to several days.

Also read: Binance suffers $100 million blockchain bridge hack

Killnet follows a mass-sourcing process for its hacking attacks. They have a Telegram group where they post in advance about their plans and encourages other professional and amateur hackers to join in with them. 

Killnet was included in a list of Russian-aligned groups against whom The Five Eyes intelligence alliance- a multilateral cyber intelligence alliance comprising Canada, Australia, New Zealand, the United Kingdom, and US –  issued a warning in April 2022 about attacks on critical infrastructure.