Category: writeups
-
Forensic Analysis Report of a DDoS Attack on a Belarusian pozirk.online Website May 17-18, 2026
A significant DDoS attack hit pozirk.online on the night of May 17–18, 2026, lasting just over nine hours. At its peak the attackers fired roughly 80,000 requests per second at the site, and held a sustained rate of about 10,000 per second for seven hours straight — adding up to roughly 283 million requests in…
-
Forensic Analysis Report of a DDoS Attack on a Belarusian pozirk.online Website May 9-10, 2026
RESIDENT.NGO analyzed a significant more than 12-hour DDoS attack involving a botnet of approximately 31,000 unique IP addresses targeting https://pozirk.online – independent Belarusian news agency in exile that publishes news, analysis, interviews and comments about developments in Belarus
-
Forensic Analysis Report of a DDoS Attack on a Belarusian Investigative Center Website 2026
RESIDENT.NGO helped mitigate a significant 12-hour DDoS attack involving a botnet of approximately 245,000 unique IP addresses targeting https://investigatebel.org/, the website of the Belarusian Investigative Center – an independent Belarusian investigative journalism outlet that exposes corruption, debunks disinformation, and produces in-depth analytical reporting as part of a global network of investigative media.
-
ResidentBat: Operational Report & Advisory on KGB spyware in Belarus in 2025
RESIDENT.NGO has helped uncover a malware attack targeted at a Belarus-based journalist by the Belarusian secret service (KGB). This document serves as a short synopsis of the case, offering safety recommendations and indicators of compromise (IoCs).
-
Technical Writeup: Signal Account Takeovers Phishing Campaign Targets Exiled Belarusian Activists 2025
This writeup details a targeted Signal Account Takeover (ATO) Phishing Campaign identified by RESIDENT.NGO. The campaign utilizes spear phishing conducted in Polish or English via Signal Messenger and targets Belarus-related public figures and media workers residing outside of Belarus. The goal is to trick users into surrendering their 6-digit SMS Signal registration verification code, leading…