Russian FSB Hacked: "Largest data breach in its history"

Hackers have successfully targeted the FSB - Russia's Federal Security Service - reports say. Details were revealed of cyber projects that included social media scraping, targeted collection and the "de-anonymization of users of the Tor browser." 

The perpetrators managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing, Forbes reported.

A week ago, on July 13, hackers under the name 0v1ru$ reportedly breached SyTech, a major FSB contractor. With the data stolen, 0v1ru$ left a smiling Yoba Face on SyTech's homepage alongside pictures purporting to showcase the breach. 0v1ru$ then passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets, taunting FSB that the agency should maybe rename one of its breached activities "Project Collander."

Russia broke the news that 0v1ru$ had breached SyTech's servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the "de-anonymization of users of the Tor browser."

The BBC described the breach as possibly "the largest data leak in the history of Russian intelligence services."

As well as defacing SyTech's homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: "Arion", "Relation", "Hryvnia," alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.

The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia's ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3).

The BBC claims that SyTech's projects were mostly contracted with Military Unit 71330, part of FSB's 16th Directorate which handles signals intelligence, the same group accused of emailing spyware to Ukranian intelligence officers in 2015.

Read also U.S. legislators draft sanctions on 24 FSB operatives over 24 Ukrainian POW sailors There is nothing newsworthy in the projects exposed here, everything was known or expected. The fact of the breach itself, its scale and apparent ease is of more note. Contractors remain the weak link in the chain for intelligence agencies worldwide—to emphasize the point, just last week, a former NSA contractor was jailed in the U.S. for stealing secrets over two decades.

The fallout from Edward Snowden continues to this day. Digital Revolution passed the information to journalists without anything being edited, removed or changed—they said. Little is known about 0v1ru$ and the group has not come forward with any comment. Neither, unsurprisingly, has FSB. 

UNIAN:              Security Affairs:          Forbes:

You Might Also Read:

US Hackers Penetrate Russia's Electric Grid:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Spy vs Spy - Cozy Bear Hackers Hacked:

 

 

« The Destabilizing Danger Of Cyberattacks On Missile Systems
Privacy: Can You Trust FaceApp With Your Face? »

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

Redbud

Redbud

Redbud is a specialist search and recruitment firm for Information Security professionals.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

SISA

SISA

SISA is a payment security specialist providing payment security assurance services, training and products to over 1,000 customers across the globe.

ActiveCyber

ActiveCyber

ActiveCyber is a source for news, reviews, learning, and technological innovation in the active cyber defense industry.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

DeepView

DeepView

DeepView delivers a unified platform for managing risk on digital platforms. One interactive secure portal allowing employees to engage their networks securely and compliantly.

Secuvant

Secuvant

Secuvant is an independent IT Security firm providing enterprise-grade IT security services to mid-market organizations.