Russia’s national airline Aeroflot was forced to cancel dozens of flights on Monday after a massive cyber attack caused the company’s computer systems to fail.
A hacking group called Silent Crow claimed responsibility for the action, alongside an outfit known as Cyber Partisans.
“We declare the successful completion of a prolonged and large-scale operation, as a result of which the internal IT infrastructure of Aeroflot was completely compromised and destroyed,” Silent Crow wrote on Telegram. “Glory to Ukraine” Long live Belarus!”
The hackers claim that a year-long infiltration of Aeroflot’s systems allowed them to steal 20 terabytes of data and destroy 7,000 servers.
The scale of the attack has led to questions about who the hackers actually are, and how much threat might they pose to Russia.
Who is Silent Crow?
The Telegram channel that serves as the group’s mouthpiece was formed on Christmas Day 2024, with the first attack claimed just weeks later.
In January 2025, Silent Crow said that it was behind a breach of Russia’s real estate registry Rosreestr that compromised around 2 billion records.
That same month, the hackers claimed responsibility for an attack on Russian telecom firm Rostelecom, which leaked customer information through one of its contractors. The company claimed that no sensitive data was stolen.
Other claimed targets include Moscow’s Department of Information Technologies, Kia Russia and Alfa Bank – Russia’s largest private bank.
What are the group’s motivations?
Silent Crow positions itself as a pro-Ukraine group of hacktivists – activist hackers – that target Russia and its allies.
“You are incapable of protecting even your most critical infrastructure,” the group wrote following the Aeroflot attack. “To all members of the repressive apparatus – your digital security is meaningless. You’ve long been under observation.”
The group’s targets, as well as the fact that it has never demanded a ransom from its victims, have inevitably led to speculation that it is backed by Ukraine, though Kyiv has not commented on this.
This appears to be the first time that the group has worked alongside Cyber Partisans, which share similar motivations.
Cyber Partisans are a long-established hacker group from Belarus, who have been operating since at least 2022 – the year that Russia launched its full-scale invasion of Ukraine.
The group describes itself as a “highly organised hacktivist collective that is fighting for the liberation of Belarus from dictatorial rule”.
How has Russia responded?
The Kremlin described the latest cyber attack against Aeroflot as “worrying”, while Russia’s prosecutors office has launched a criminal investigation.
Senior Russian lawmaker Anton Gorelkin described the incident as a “wake-up call”, and called for reinforcement to the country’s cyber defences.
“We must not forget that the war against our country is being waged on all fronts, including the digital one,” he said in a statement.
“I do not rule out that the ‘hacktivists’ who claimed responsibility for the incident are in the service of unfriendly states.”
