Belarusian hacktivists claim ransomware railway attack to halt Russian military

The incident is thought to be one of the first times ransomware has been used in hacktivism

Belarusian hacktivists claim to have infected the country’s rail network with ransomware in a bid to stop the Russian military from mobilising around Ukraine.

The Cyber Partisan hacktivists claim to have encrypted “the bulk of the servers, databases, and workstations” belonging to the Belarusian Railways, and destroyed their backups, according to posts on Telegram and Twitter.

Cyber Partisan is demanding the release of 50 political prisoners who are in need of medical assistance and assurances that Russian troops will stop mobilising on Belarusian soil – a country that shares a border with Ukraine and whose leader has a close relationship with Vladimir Putin,

“BelZhD, at the command of the terrorist Lukashenko, these days allows the occupying troops to enter our land,” the Telegram message read. “As part of the ‘Peklo’ cyber campaign, we encrypted the bulk of the servers, databases, and workstations of the BelZhD in order to slow down and disrupt the operation of the road. The backups have been destroyed.

“Dozens of databases have been cyberattacked, including AS-Sledd, AS-USOGDP, SAP, AC-Pred,, uprava, IRC, etc. Automation and security systems were deliberately NOT affected by a cyber attack in order to avoid emergency situations.”

In the online posts, the group echoed the message shared by Belarusian rail workers on Friday that more than 33 Russian military trains containing equipment and soldiers would be entering Belarus. The message was also corroborated by reports from other news outlets.

We have encryption keys, and we are ready to return Belarusian Railroad’s systems to normal mode. Our conditions:🔺 Release of the 50 political prisoners who are most in need of medical assistance.🔺Preventing the presence of Russian troops on the territory of #Belarus.— Belarusian Cyber-Partisans (@cpartisans) January 24, 2022

Belarusian Railways published a statement on Monday confirming that it was experiencing difficulties and that some services were unavailable, though no mention of compromised systems, databases, or servers was mentioned – nor was ransomware.


  1. Well I’m surprised, but certainly not unhappy about unexpected allies. I suppose there’s probably some Belarusians and even some Russians who see the massed troops at the border as an evil mistake. I hope those hackers get their demands, it’s a good list.

  2. Good job guys, show Muscovy they are not the only country that can use cyber space to attack countries.

Enter comments here: