The Russian investment platform Investment Projects, operated by PKR Group, suffered a cyberattack by the pro-Ukrainian hacker collective Cyber Anarchy Squad. The attackers claimed to have partially destroyed the site’s infrastructure, accessed internal databases and employee documents, and leaked allegedly stolen files though the authenticity remains unverified. The platform’s website remained offline for days, disrupting its analytics and promotional services for large-scale Russian ventures (industrial, civil, and transport construction). The breach exposed internal data, risking reputational damage, regulatory fines (up to 20,000 rubles under Russian law), and high recovery costs. The hackers aimed to pressure regulators into penalizing the company, framing the attack as part of broader efforts to undermine Russia’s economy. Clients and investors, including major firms like Norilsk Nickel, Rusagro, and S7 Airlines, may face indirect fallout from the incident. While no direct financial theft or customer data compromise was confirmed, the attack disrupted operations and exposed sensitive corporate and employee information.
Source: https://therecord.media/russia-cyberattack-investment-platform-ukraine
TPRM report: https://www.rankiteo.com/company/marketing-and-investment-projects
"id": "mar726090125",
"linkid": "marketing-and-investment-projects",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': ['Investment',
'Analytics',
'Large-scale Project Promotion '
'(Industrial, Civil, Transport '
'Construction)'],
'location': 'Russia',
'name': 'Investment Projects',
'type': 'Investment and Analytics Platform'}],
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': ['Potentially high (internal/employee '
'data)'],
'type_of_data_compromised': ['Internal databases',
'Employee documents',
'Potentially sensitive '
'project-related files']},
'date_publicly_disclosed': '2024-02-XX (exact date not specified; incident '
'disclosed earlier in the week, with site offline '
'as of Wednesday)',
'description': 'The Russian investment and analytics platform Investment '
'Projects was targeted by a cyberattack from the pro-Ukrainian '
'hacker group Cyber Anarchy Squad. The attackers claimed to '
'have partially destroyed the site’s infrastructure, accessed '
'internal databases and employee documents, and leaked '
'allegedly stolen files. The site remained offline as of '
'Wednesday, with the company working to restore its '
'infrastructure and notifying state regulators. The group’s '
'motive was to pressure regulators into fining the platform '
'under Russian data protection laws.',
'impact': {'brand_reputation_impact': ['Potential reputational harm (typical '
'for such incidents)'],
'data_compromised': ['Internal databases',
'Employee documents',
'Allegedly stolen files (unverified)'],
'downtime': 'Site offline as of Wednesday (duration unspecified)',
'legal_liabilities': ['Potential regulatory fines under Russian '
'law (up to 20,000 rubles/$250 for data '
'protection failures)'],
'operational_impact': ['Infrastructure restoration ongoing',
'Regulatory notifications submitted'],
'systems_affected': ['Website infrastructure (partially destroyed)',
'Internal databases']},
'initial_access_broker': {'high_value_targets': ['Internal databases',
'Employee documents']},
'investigation_status': 'Ongoing (infrastructure restoration in progress; '
'leaked data not independently verified)',
'motivation': ['Hacktivism',
'Pressure regulators to impose fines on the platform',
'Disrupt Russian economic and industrial services'],
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'Recorded Future News'},
{'source': 'Cyber Anarchy Squad (Telegram channels)'}],
'regulatory_compliance': {'regulations_violated': ['Russian data protection '
'laws (potential '
'violation)'],
'regulatory_notifications': ['State regulators '
'notified by the '
'company']},
'response': {'communication_strategy': ['Public statement acknowledging the '
'attack',
'Notification to state regulators'],
'containment_measures': ['Restoring infrastructure'],
'incident_response_plan_activated': True,
'recovery_measures': ['Infrastructure restoration in progress']},
'stakeholder_advisories': ['Public statement by Investment Projects '
'acknowledging the attack and emphasizing '
'resilience'],
'threat_actor': 'Cyber Anarchy Squad',
'title': "Cyberattack on Russian Investment Platform 'Investment Projects' by "
"Pro-Ukrainian Hacker Group 'Cyber Anarchy Squad'",
'type': ['Cyberattack', 'Data Breach', 'Website Defacement', 'Data Leak']}