Aeroflot Halts Over 50 Flights Amid Claimed Cyberattack

A significant disruption affected Russia’s flagship airline on Monday as more than 50 scheduled flights were grounded due to what is being described as a major cybersecurity breach.

While the airline didn’t disclose specific details about the issue or give a timeline for resolution, screens at Moscow’s Sheremetyevo Airport displayed a series of cancellations during what is traditionally a peak travel period for domestic vacations.

Authorities at the federal level expressed concern over the incident. Investigators have confirmed that the disruptions stem from a cyber intrusion and have launched an official criminal probe.

A digital statement, allegedly from a group identifying itself as Silent Crow and working in coordination with a Belarus-based collective named Cyberpartisans BY, claimed responsibility for the breach. The message tied the action to ongoing hostilities in Ukraine.
“Glory to Ukraine! Long live Belarus!” the statement read, though its authenticity has not been independently verified.

Silent Crow has in the past attributed similar actions to itself, targeting institutions such as a property database, a telecommunications provider, an insurance firm, a major municipal IT office, and even the Russian branch of a foreign automotive brand. Many of those attacks led to the exposure of sensitive internal data.

“The information that we are reading in the public domain is quite alarming. The hacker threat is a threat that remains for all large companies providing services to the population,” a government spokesperson commented.

“We will, of course, clarify the information and wait for appropriate clarifications.”

Aeroflot, along with relevant transport authorities, did not immediately address the hacking allegations directly. However, the airline acknowledged that a technical issue had forced the cancellation of dozens of flights, affecting both domestic destinations and cities such as Minsk and Yerevan. More than ten additional flights experienced delays.

“Specialists are currently working to minimise the impact on the flight schedule and to restore normal service operations,” the company said.

The online statement attributed to Silent Crow described the breach as the culmination of a twelve-month infiltration campaign. It claimed to have dismantled thousands of servers and seized access to computers used by high-ranking staff, although it did not offer any proof of these claims.