Hackers have stolen information from a subcontractor to Russia’s national intelligence service, the FSB, about internal projects the supplier was working on – including a project on the deanonymization of Tor traffic.
That’s according to ZDNet.
The data leak occurred last weekend on July 13, when cybercriminals hacked into the subcontractor SyTech’s Active Directory server, accessing the company’s IT network.
They managed to steal 7.5TB of data from the subcontractor, and they also defaced the company’s website with a “yoba face”, an emoji that is popular in Russia and means “trolling”.
The hackers also posted screenshots of the company’s servers on Twitter and shared the stolen data with Digital Revolution, another hacker group, which last year hacked Quantum, another FSB subcontractor.
This sharing led to the release of several of the stolen files, with more details, on their Twitter account on Thursday, July 18.
According to Russian media, SyTech has worked on a number of projects for the FSB, including:
- Nautilus – a project for collecting data on social media users (such as Facebook, MySpace, and LinkedIn).
- Nautilus-S – a project to de-anonymize Tor traffic.
- Reward – a project to penetrate P2P networks.
- Mentor – a project to monitor and search email communication on Russian corporate servers.
- Hope – a project to investigate how the Russian part of the Internet is connected to other countries’ networks.
- Tax-3 – a project aimed at creating a closed intranet for the storage of particularly sensitive data from the Russian Central Administration.