On 6 April 2026, Russian state-run telecommunications provider Rostelecom was hit by a large-scale DDoS attack, affecting internet access, online banking, and government platforms across 30 major cities. The disruptions started unfolding around 9:00 p.m. Moscow time, according to Downdetector reports.
Rostelecom confirmed the intrusion to state media, saying the attack was “neutralised” by 11:09 p.m., with incoming malicious traffic filtered to restore network operations. Some services continued to experience outages into Tuesday.
The attack impacted millions of users and disrupted a wide range of services, including Microsoft Outlook, Discord, Telegram, Steam, CharacterAI, League of Legends, World of Tanks, and government platforms like Gosuslugi, among many others. Reports from Habr, a Russian IT community platform, indicate that roughly 70% of users experienced general service failures, 11% reported website crashes, and fewer than 10% faced issues accessing accounts or mobile apps.
Following the Rostelecom mitigation, additional outages were reported on RuNet, the Russian internet segment, affecting banks, telecom operators, and other online services. User complaints also extended to other major Russian telecoms including MTS, Beeline, Megafon, and T2, as well as platforms like Russian Railways, retailer Wildberries, classifieds site Avito, and social media platforms VKontakte and VK Video.
No group has claimed responsibility for the attack. Rostelecom, which serves over 100 million subscribers across mobile, broadband, and PayTV, continues to monitor network activity to prevent further disruptions. Apart from Rostelecom's announcement, no further details on the architecture or the scale of the attack have been disclosed.
