top of page
  • Ksenia Dudareva

Russian Media Outlet Meduza Claims It Faces ‘Most Intense Cyber Campaign’

Meduza, a Russian opposition online media outlet located in Latvia, reported that in February and March 2024, Russian authorities allegedly intensified their unprecedented attacks on Meduza's infrastructure. This pressure coincided with the assassination of Alexei Navalny and just weeks before the Russian presidential elections. While Meduza had reportedly faced attacks throughout its history, the outlet claims the current threats are of a scale the technical team has not encountered before.

According to the article posted on Medusa's website, authorities allegedly attempt to locate and block their mirror servers, prompting Meduza to create new ones. Since the official blocking of Meduza, mirror sites have been discovered approximately every two weeks. However, since mid-February, these mirrors are being found and blocked more frequently, now occurring every 10-20 minutes.

The site reportedly faces increasing efforts to disrupt its operation, including DDoS attacks, which overload servers and slow down or block access for regular users.

Authorities are also alleged to target donations, attempting to use stolen credit cards to break the donation system. These attacks, like the DDoS attacks, have intensified.

In 2024, Google reportedly warned Meduza several times of hacking attempts by government hackers, a sharp increase from previous years. There has also been a rise in direct threats, demands to remove materials, phishing attempts, password resets, and spam attacks. Some Meduza employees' email accounts have been reportedly flooded with thousands of newsletters, aiming to overwhelm them with spam, paralyze their work, and ensure they miss password reset emails.

Meduza also claimed they noticed a significant increase in subscriptions to its Telegram channel, likely orchestrated to later mass-report the content for alleged violations of platform rules. Simultaneously, a crucial mailing platform, Mailchimp, had reportedly faced issues in Russia, requiring other news portals, friendly to Meduza, to manage the fallout for five days.

Furthermore, bots reportedly flood negative reviews for Meduza's app, complain about its content, and engage in operations, creating clones of Meduza employees on various platforms and contacting their acquaintances.

The outlet believes that these events suggest a preparation for blanket internet blockages in Russia, not just targeting websites but all possible platforms and communication channels.

Recent Posts

See All

AcidPour Wiper Targets Linux Devices in Ukraine

A new iteration of the AcidRain wiper malware, dubbed AcidPour, has been identified by SentinelOne's threat intelligence division, SentinelLabs. AcidRain, linked to Russian military intelligence, gain


If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to with your inquiry. We would be glad to assist you

bottom of page