Hackers steal massive trove of Russian-spy agency data and leak it to the media
Hackers broke into the server of a major contractor for the Russian Federal Security Service (FSB) and stole 7.5 terabytes of data in what is possibly “the largest data leak in the history of the work of Russian special services on the internet”, according to BBC Russia who was the first one to report the breach.
The data included several secret Russian internet projects that were being developed by the contractor for the intelligence agency, such as Russia’s attempt to de-anonymize users on the privacy-focused Tor network, social media scraping (Facebook, LinkedIn, and MySpace), collect data from social networks, and create a “sovereign Internet” where Russia can isolate itself from the rest of the Internet.
On July 13, 2019, a hacking group operating under the name 0v1ru$ hacked the official website of “Sytech”, a high-profile contractor working for Russian FSB. The hackers then defaced the contactor’s site with an image of “Yoba-Face” – a Russian meme that denotes trolling, and also posted pictures in their Windows domain controller to prove they gained access to Sytech’s website, server drives and users.
The group shared the stolen data with another hacking group called “Digital Revolution”, who then shared the files with various Russian media outlets. Digital Revolution is believed to be the same group of hackers who hacked the server of the research institute “Kvant” in 2018, which is run by FSB.
However, on July 18th, “Digital Revolution” used its Twitter account to post several screenshots of the data. The group even taunted FSB that the agency should maybe rename one of its breached activities “Project Collander.”
??? ??, ??????????, ???????? ? ???? ??????????, ????????? ??? ??????????? ???. ??????????????? ? ???, ??? ? 0V1ru$, ??????? ???? ???????! ??? ?? ???????? ???? ??????! @tjournal @Dobrokhotov @bbcrussian @unkn0wnerror pic.twitter.com/HUYDas7FSN
— DigitalRevolution (@D1G1R3V) July 18, 2019
It is worth noting that none of the projects exposed contains Russian government secrets, as whatever data was exposed was already known or expected.
The site for Sytech (www.sytech.ru) has since been shut down after the hack and have so far not responded to inquiries by the press. FSB too has not commented on the hack.
