Hackers Leak Russian Intel Stolen From an FSB Contractor

Hackers have broken into the servers of SyTech, a high-tech communication solutions provider working with Russia‘s Federal Security Service. The culprits were able to steal 7.5 terabytes of Russian intel, some of which were leaked online.

If that’s not bad enough, the hackers also defaced SyTech’s website with a “yoba face,” a popular emoji in Russia, which means trolling. Hours after the breach happened, the team behind the attack called 0v1ru$ posted screenshots of SyTech servers on Twitter.

0v1ru$ also shared the stolen information with Digital Revolution, a hacking group who breached into the servers of Quantum, another contractor working with FSB, last year.

Via its Twitter account, Digital Revolution (@D1G1R3V) revealed some of the projects SyTech and the FSB are working on since 2009.

One of the projects, called Nautilus-S, was said to be a part of Russia’s efforts to de-anonymize the TOR network using rogue servers. Many speculate that this project is aimed at exposing the people who oppose Pres. Vladimir Putin and his government policies.

In one of its tweets, Digital Revolution taunted FSB:

“Hey, FSB, how do you do with Onslaught-2? Maybe we should change the name of the project to Durschlag-1?”

Russian Intel Revealed FSB’ Plan to De-anonymize TOR

The Onion Router, or TOR network for short, is a software that offers anonymity to its users. In this age and time, where snooping into people’s online dealings is rampant, TOR provides a way to conceal the location and usage of anyone from prying eyes.

TOR uses a free, volunteer overlay network in directing Internet traffic and hiding a user’s online activities like website visits, instant messaging, online posts, and other forms of communication.

Because of this, many government-opposing groups and organizations have turned to TOR to prevent law enforcement from tracking their communications and whereabouts.

However, many cybersecurity agencies around the world have devised other means to catch criminals and dissenters lurking on TOR. The leaked Russian intel exposing FSB’s efforts to uncover TOR is just one of them.

The exposed data revealed that Nautilus-S is a software complex developed by SyTech in 2012. It includes output nodes from TOR that’s being monitored and run by SyTech.

This setup allows SyTech or FSB for that matter, to monitor a particular user’s usage and match it with visits to sites. Ultimately, the project aims to reroute user traffic to specially created sites.

Such TOR hacking incident has already happened in the past. Researchers at Karlstad University in Sweden reported in 2014 that they discovered 19 interconnected hostile exit nodes on TOR and 18 of them were controlled from Russia.

Other FBS Projects

Aside from de-anonymizing TOR, there are other FSB projects included in the Russian intel stolen by 0v1ru$. One project, called Nadezhda, is dedicated to a program designed to gather and visualize information about how the Russian Internet is connected to the global network.

Another one, dubbed as Mosquito, is dedicated to the creation of a program that would enable Russia to collect information on the Internet while hiding informational interest.

In its tweet last Friday, Digital Revolution thanked everyone for the support and has asked people with information to come forward and share it with them.

“Thank you very much to everyone, especially the 0V1ru$ ! Nothing is impossible when we are together! If you would like to share more information about this company and their employees, please contact us.”

Read More: Russian Government Plans To Disconnect The Country From Global Internet