Russian FSB Hacked: "Largest data breach in its history"

Uploaded on 2019-07-22 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Hackers have successfully targeted the FSB - Russia's Federal Security Service - reports say. Details were revealed of cyber projects that included social media scraping, targeted collection and the "de-anonymization of users of the Tor browser."

The perpetrators managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing, Forbes reported.

A week ago, on July 13, hackers under the name 0v1ru$ reportedly breached SyTech, a major FSB contractor. With the data stolen, 0v1ru$ left a smiling Yoba Face on SyTech's homepage alongside pictures purporting to showcase the breach. 0v1ru$ then passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets, taunting FSB that the agency should maybe rename one of its breached activities "Project Collander."

Russia broke the news that 0v1ru$ had breached SyTech's servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the "de-anonymization of users of the Tor browser."

The BBC described the breach as possibly "the largest data leak in the history of Russian intelligence services."

As well as defacing SyTech's homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: "Arion", "Relation", "Hryvnia," alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.

The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia's ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3).

The BBC claims that SyTech's projects were mostly contracted with Military Unit 71330, part of FSB's 16th Directorate which handles signals intelligence, the same group accused of emailing spyware to Ukranian intelligence officers in 2015.

Read also U.S. legislators draft sanctions on 24 FSB operatives over 24 Ukrainian POW sailors There is nothing newsworthy in the projects exposed here, everything was known or expected. The fact of the breach itself, its scale and apparent ease is of more note. Contractors remain the weak link in the chain for intelligence agencies worldwide—to emphasize the point, just last week, a former NSA contractor was jailed in the U.S. for stealing secrets over two decades.

The fallout from Edward Snowden continues to this day. Digital Revolution passed the information to journalists without anything being edited, removed or changed—they said. Little is known about 0v1ru$ and the group has not come forward with any comment. Neither, unsurprisingly, has FSB.

UNIAN: Security Affairs: Forbes:

You Might Also Read:

US Hackers Penetrate Russia's Electric Grid:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Spy vs Spy - Cozy Bear Hackers Hacked:

« The Destabilizing Danger Of Cyberattacks On Missile Systems

Privacy: Can You Trust FaceApp With Your Face? »