A Russian-speaking hacker collective known as KillNet launched a significant cyber campaign aimed at Lithuania’s fuel network. The group’s leader, going by the alias KillMilk, disclosed the operation to socialbites.ca, describing the actions as a broader strike against energy infrastructure within the Baltic nation.
The attack targeted major fuel retailers operating in Lithuania, including Circle-K, Neste, Emsi, Viada, Orlen, and Baltic Petroleum. KillMilk claimed that the assault disrupted several customer-facing digital services across these brands. In practical terms, the hackers asserted that online wallets and accounts linked to loyalty programs could no longer be accessed, while online refueling portals and mobile apps faced outages. As a result, customers could not view or redeem loyalty points, and related digital processes were stalled during the incident.
KillMilk further asserted that the motive behind the disruptions was retaliation for what he described as pro-Ukrainian policies. He stated that the proceeds from the attack would be redirected to support Russian military needs. The remarks were reported alongside claims that the affected Lithuanian sites were unreachable from Russia at the time the report was published. A Check Host service log indicated that similar access issues were reported by users in other countries as well, suggesting a wider impact on the brands’ online presence.
At the time of reporting, it remained unclear how long the disruption would last or what remedies the companies planned to implement to restore full service. The evolution of the situation was being monitored by observers with an interest in cyber threat activity, particularly those tracking intrusions aimed at critical retail infrastructure.
A former Russian hacker, identified as Pavel Sitnikov, was cited in discussions about why cybercriminals sometimes impersonate certain demographics online, though the focus of the current event remained the operational impact on Lithuanian fuel suppliers. Sitnikov’s remarks were presented as context within broader debates about the tactics used by threat actors in the cybercrime ecosystem. [citation attribution: socialbites.ca]