Russian FSB Hacked: "Largest data breach in its history"

Hackers have successfully targeted the FSB - Russia's Federal Security Service - reports say. Details were revealed of cyber projects that included social media scraping, targeted collection and the "de-anonymization of users of the Tor browser." 

The perpetrators managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing, Forbes reported.

A week ago, on July 13, hackers under the name 0v1ru$ reportedly breached SyTech, a major FSB contractor. With the data stolen, 0v1ru$ left a smiling Yoba Face on SyTech's homepage alongside pictures purporting to showcase the breach. 0v1ru$ then passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets, taunting FSB that the agency should maybe rename one of its breached activities "Project Collander."

Russia broke the news that 0v1ru$ had breached SyTech's servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the "de-anonymization of users of the Tor browser."

The BBC described the breach as possibly "the largest data leak in the history of Russian intelligence services."

As well as defacing SyTech's homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: "Arion", "Relation", "Hryvnia," alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.

The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia's ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3).

The BBC claims that SyTech's projects were mostly contracted with Military Unit 71330, part of FSB's 16th Directorate which handles signals intelligence, the same group accused of emailing spyware to Ukranian intelligence officers in 2015.

Read also U.S. legislators draft sanctions on 24 FSB operatives over 24 Ukrainian POW sailors There is nothing newsworthy in the projects exposed here, everything was known or expected. The fact of the breach itself, its scale and apparent ease is of more note. Contractors remain the weak link in the chain for intelligence agencies worldwide—to emphasize the point, just last week, a former NSA contractor was jailed in the U.S. for stealing secrets over two decades.

The fallout from Edward Snowden continues to this day. Digital Revolution passed the information to journalists without anything being edited, removed or changed—they said. Little is known about 0v1ru$ and the group has not come forward with any comment. Neither, unsurprisingly, has FSB. 

UNIAN:              Security Affairs:          Forbes:

You Might Also Read:

US Hackers Penetrate Russia's Electric Grid:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Spy vs Spy - Cozy Bear Hackers Hacked:

 

 

« The Destabilizing Danger Of Cyberattacks On Missile Systems
Privacy: Can You Trust FaceApp With Your Face? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

Bufferzone Security

Bufferzone Security

Bufferzone is a patented containment solution that defends endpoints against advanced malware and zero-day attacks while maximizing user and IT productivity.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

Verodin

Verodin

Verodin is a business platform that provides organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness.

CryptoSec.info

CryptoSec.info

CryptoSec.info is a web resource focused on educating the beginners in the cryptocurrency space on how to properly secure their online assets from hackers and scammers.

Point Predictive

Point Predictive

Point Predictive build Predictive Models using Artificial Intelligence and Machine Learning techniques that help our customers stop fraud and early payment default (EPD).

Red River

Red River

Red River is a technology transformation company, bringing 25 years of experience and mission-critical expertise in analytics, cloud, collaboration, mobility, networking and security solutions.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

Assetnote

Assetnote

The Assetnote platform enables organizations to effectively map and continuously monitor their external attack surface.

SyberFort

SyberFort

SyberFort offers a suite of SAAS-based platforms designed to fortify your digital defenses including Threat Intelligence and Brand Protection.