Moscow Gridlock as Hackers Send Dozens of Taxis to Same Location

A traffic jam clogged central Moscow on Thursday after hackers broke into a popular ridesharing app and ordered dozens of drivers to the same address.

Hackers hit the Yandex Taxi app in the morning with drivers told to go to Kutuzovsky Prospekt, a major road leading into the center of Moscow. While no group or individual has claimed responsibility, there is speculation this attack could be part of an ongoing battle between pro-Ukrainian and pro-Russian hackers.

In a statement to Yandex Taxi confirmed the hack had taken place, and said the technical vulnerability which allowed the break-in had been fixed: "On the morning of September 1, Yandex Taxi encountered an attempt by attackers to disrupt the service—several dozen drivers received bulk orders to the Fili region."

Fili is a Moscow district situated to the northern side of the Kutuzovsky Prospekt. Yandex Taxi said it detected the security breach and "immediately stopped attempts to artificially" order taxis, but this was too late to avoid gridlock.

Chaos in Moscow after ride sharing hack
Above, taxis move past the headquarters of Russia's Federal Security Services (FSB) in central Moscow on May 12, 2022. Hackers sent dozens of Moscow taxis from a ride-sharing app to the same location, causing a massive gridlock. NATALIA KOLESNIKOVA/AFP/GETTY

A video posted to Twitter by Visegrád 24, a news aggregation site covering "Central and Eastern Europe," shows scores of taxis stuck in traffic jams in front of Moscow's Triumphal Arch, built to commemorate the victory over Napoleon. A police vehicle and traffic officer are seen trying to marshal the gridlocked vehicles.

The footage appears to have been filmed by a Yandex Taxi, with an address on Kutuzovsky Prospekt entered in the drivers navigation system. Newsweek has not been able to independently verify the video.

The tweet said: "Someone hacked Russia's largest taxi company and ordered all available taxis to central Moscow, creating huge traffic jams in the city. The Russians don't have a monopoly on hybrid warfare."

The footage went viral on Twitter, receiving more than two million views, with several social media users speculating the hack was in retaliation for Russia's invasion of Ukraine.

One Twitter user, with Ukrainian and British flags in his username, wrote: "Absolutely hilarious. What a brilliant hacker." Another tweeted: "Now if only they can repeat that trick in places logistically vital to the Russian war effort."

On February 23, the day before the Russian invasion of Ukraine, several Ukrainian websites were targeted in a mass denial-of-service (DDoS) attack. Those affected included the Ukrainian parliament, Ministry of Defense, Ministry of Internal Affairs and internal security services.

Since the war began, there have been cyberattacks on both Ukrainian and Russian targets, though it's unclear how many of these are state-sponsored versus conducted by vigilantes.

In July, the U.S. military published information it was given by Ukrainian Security Services, which it said proved Kyiv had been targeted with systematic cyber-warfare with "several types of malware" found in its computer systems.

A spokesperson for the U.S. Cyber Command (CYBERCOM) told Newsweek: "Indicators of Compromise were shared with us by our Ukrainian partners to enable industry to take action and assess their own networks. We are actively communicating with our Ukrainian partners to share cybersecurity threat information."

Yuri Vyhodetz, the head of Ukraine's Cyber Police division, told Newsweek last month that his organization is working with the FBI to fight hackers and cyber-criminals seeking to exploit the war.

He said: "The cooperative relationship goes back a long way. FBI representatives come here to Kyiv, and also vice versa. It's become difficult for our colleagues to leave the country due to the fact that many of them are males of military age, but before the war, our guys would frequently attend conferences in Spain, Poland, Hungary, and elsewhere."