Russia Hit With 'Unprecedented' Breaches By Pro-Ukrainian Cyberattackers (stripes.com) 40
This week the Washington Post described Russia as "struggling under an unprecedented hacking wave" — with one survey finding Russia is now the world's leader for leaked sensitive data (such as passwords and email addresses). "Federation government: your lack of honor and blatant war crimes have earned you a special prize..." read a message left behind on one of the breached networks...
Documents were stolen from Russia's media regulator and 20 years of email from one of Russia's government-owned TV/radio broadcasting companies. Ukraine's government is even suggesting targets through its "IT Army" channel on telegram, and has apparently distributed the names of hundreds of Russia's own FSB security agents. And meanwhile, the Post adds, "Ordinary criminals with no ideological stake in the conflict have also gotten in on the act, taking advantage of preoccupied security teams to grab money as the aura of invincibility falls, researchers said." Soon after the invasion, one of the most ferocious ransomware gangs, Conti, declared that it would rally to protect Russian interests in cyberspace. The pledge backfired in a spectacular fashion, since like many Russian-speaking crime groups it had affiliates in Ukraine. One of them then posted more than 100,000 internal gang chats, and later the source code for its core program, making it easier for security software to detect and block attacks.
Network Battalion 65 [a small hacktivist group formed as the war began looking inevitable] went further. It modified the leaked version of the Conti code to evade the new detections, improved the encryption and then used it to lock up files inside government-connected Russian companies. "We decided it would be best to give Russia a taste of its own medicine. Conti caused (and still causes) a lot of heartache and pain for companies all around the world," the group said. "As soon as Russia ends this stupidity in Ukraine, we will stop our attacks completely."
In the meantime, Network Battalion 65 has asked for ransomware payments even as it has shamed victims on Twitter for having poor security. The group said it hasn't gotten any money yet but would donate anything it collects to Ukraine.
Ars Technica quotes a cybersecurity researcher who now says "there are tens of terabytes of data that's just falling out of the sky."
Thanks to long-time Slashdot reader SpzToid for sharing the article!
Documents were stolen from Russia's media regulator and 20 years of email from one of Russia's government-owned TV/radio broadcasting companies. Ukraine's government is even suggesting targets through its "IT Army" channel on telegram, and has apparently distributed the names of hundreds of Russia's own FSB security agents. And meanwhile, the Post adds, "Ordinary criminals with no ideological stake in the conflict have also gotten in on the act, taking advantage of preoccupied security teams to grab money as the aura of invincibility falls, researchers said." Soon after the invasion, one of the most ferocious ransomware gangs, Conti, declared that it would rally to protect Russian interests in cyberspace. The pledge backfired in a spectacular fashion, since like many Russian-speaking crime groups it had affiliates in Ukraine. One of them then posted more than 100,000 internal gang chats, and later the source code for its core program, making it easier for security software to detect and block attacks.
Network Battalion 65 [a small hacktivist group formed as the war began looking inevitable] went further. It modified the leaked version of the Conti code to evade the new detections, improved the encryption and then used it to lock up files inside government-connected Russian companies. "We decided it would be best to give Russia a taste of its own medicine. Conti caused (and still causes) a lot of heartache and pain for companies all around the world," the group said. "As soon as Russia ends this stupidity in Ukraine, we will stop our attacks completely."
In the meantime, Network Battalion 65 has asked for ransomware payments even as it has shamed victims on Twitter for having poor security. The group said it hasn't gotten any money yet but would donate anything it collects to Ukraine.
Ars Technica quotes a cybersecurity researcher who now says "there are tens of terabytes of data that's just falling out of the sky."
Thanks to long-time Slashdot reader SpzToid for sharing the article!
What goes around (Score:2, Funny)
Re: (Score:3)
Re:What goes around (Score:4, Insightful)
This might hit ordinary Russians too though. For a start, Google has stopped delivering updates to their Android devices. Attacks on hospitals could even be considered war crimes.
I'm behind the Ukrainians 100%, I just hope their aim is good, unlike the Russian criminals who spread ransomware.
You know what they say (Score:2)
Turnabout is fair play.
Reap what you sow (Score:1, Insightful)
Suck it up Vlad.
Re: (Score:3, Funny)
Poor Vlad. He moved the goalposts half the length of Ukraine, and he still can't win.
Re:fake news (Score:5, Funny)
Thank you for that word from the former alleged president. Now a word from our sponsor:
Friend, have you or a loved one died from Covid? Wouldn't you like to protect your family? Our new Hydroxychloroquine Plus Extra Strength can be yours for $19.99 in three easy money payments. Our staff at Mar-a-Loco is standing by for your call. And if you call with the next hour, you will hear a canned recording of the Orange Shitgibbon expressing his thoughts on the Big Lie as only a Manly Sitzpizler can do.
I wonder how much will end up on Wikileaks? (Score:3)
Exfiltration of data is great, but... (Score:1)
Can any of these groups get accurate information to the Russian people about the atrocities their military of committing, and how poorly the war is actually going for them? This might be an effective way to help end this stupidity sooner.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Why would people believe them?
They might, some people will believe anything, but I don't believe the messages that I get in my in-box unless I have a good reason to. If I link to a site, then I've got a fair amount of faith that I've reached the site I was browsing to. If I click on a link, I've got a lot less trust. If I were to click on a link that someone else had sent me...I'd be really dubious. I wouldn't click on a shortened link.
Re:Exfiltration of data is great, but... (Score:4, Informative)
are you nuts?
That is called psychological projection.
Re: (Score:2)
This might be an effective way to help end this stupidity sooner.
are you nuts? this war is huge business, besides it is necessary to maintain world domination, and it was a huge effort to get it started! nobody is interested in stopping this! well, except russia, and ofc ukrainians who are paying the blood price. their "friends" in the democratic west will keep throwing gasoline into the fire so the show may go on! oh, and they will also cry a little bit on prime time.
You mean a big effort for Putin of course, because no one else bears the slightest responsibility for this war.
Frankly, I am a little conflicted about the duration of the war in one sense. Way too many people are suffering and dying for the war to go another day. On the other hand, if it goes on long enough for Ukraine to retake the "separatist regions" and even Crimea that's a huge benefit to the people who live there, and its get Ukraine out of a frozen conflict without having to cede territory that Russi
Re: (Score:2)
"people who live there" have long been labelled expendable by the powers that be. yep, all of them,
Well I know people who live there and they're sure as hell not expendable to me.
you can't be that gullible, can you?
oh, yeah right, you can.
Speaking of gullible...
first: russia never "conquered" crimea, they were already there. in 2014 they just had to proclaim sovereignty over a territory they already fully controlled and had be granted rights to by the ukrainian government.
I don't even know what you think you know here.
Russia wasn't "in Crimea" except in the sense they had a military base there (as does the US in many countries) that they used as a launchpad for their invasion. That hardly counts as "a territory they already fully controlled and had be granted rights to".
and following to second: people in crimea are overwhelmingly pro russian so how would you want to "benefit their lives" with some ukrainian nationalism they never wanted?
Pro-Russian in the Ukrainian political system doesn't mean 'wanted to be part of Russia'. If that were th
Re: (Score:2)
that they used as a launchpad for their invasion.
sigh. what invasion? local militia took control,
The vast majority were Russian troops and mercenaries dressed up as local militia.
then a referendum overwhelmingly favored russian rule.
Do you honestly think Russia held a free and open referendum? Do you imagine that if a "Stay in Ukraine" side wanted to they could have held a vigorous campaign, gotten a 51% vote to stay, and then Putin would have gone home?
Join Russia was going to be the official outcome of that referendum no matter what the Crimeans wanted. I honestly wouldn't even hazard a guess as to what the true turnout was, nor what a truly free vote w
Re: (Score:2)
My big issue with that take is he completely ignores what Ukraine wants.
well, then we have gone full circle: as i told you, nobody in this show gives a fig about what people in ukraine wants. actually, ukraine is quite polarized and wanting different things, but i bet on what most of them agree is in wanting the end of this war. however it doesn't look like it will end anytime soon, surely not while the west is pouring billions into it.
you seem to acritically accept the western narrative so let's agree to disagree, i see no point in speculating about the intentions of "putin".
I didn't do it. (Score:2)
The Propaganda is going to fly (Score:2)
Between sabotage of Russian chemical plant [thesun.co.uk] and Food Processing Plants Catching on Fire [marketrealist.com] it's really hard to have strong opinions on what is coincidence and what is cyber warfare. I'm sure however that groups in adversarial roles will be pretty quick to claim credit for things they didn't do if it positive for their propaganda.
Re: (Score:2)
" it's really hard to have strong opinions on what is coincidence and what is cyber warfare."
It doesn't matter, damage is damage, be it incompetence or malice, it's the same.
Re: (Score:2)
Well, no. If the cause was incompetence, it was a one-off event. Not likely to happen again.
If the cause was sabotage (cyber warfare), it'll happen again. Soon. Count on it.
Re: (Score:2)
Well, no. If the cause was incompetence, it was a one-off event. Not likely to happen again.
To this point, the Russian invasion into Ukraine seems to have provided multiple demonstrations of recurrent incompetence.
Re: (Score:2)
Between sabotage of Russian chemical plant [thesun.co.uk] and Food Processing Plants Catching on Fire [marketrealist.com] it's really hard to have strong opinions on what is coincidence and what is cyber warfare. I'm sure however that groups in adversarial roles will be pretty quick to claim credit for things they didn't do if it positive for their propaganda.
Frankly, if I were a Russian living in Russia right now, walking by a facility I knew to be connected to the war effort, I'd be very tempted to walk by again in the dead of night with a Molotov cocktail.
I think something similar is happening in Belarus with the rail sabotage, when protest is banned there's other ways for ordinary citizens to resist.
Dumps into the public domain? (Score:2)
A lot of these hacking groups have been hoarding since the early 2000s it’ll be interesting to see what they’ve stolen.
HAHA (Score:2)
haha! I hope phishing schemes and other rotteness follow.
Russia was dirty from the very start so crash Russia.
Russia fair game (Score:2)
Serously, I don't mind stealing, or hacking, or crashing control systems of gas plants, as long as the target is Russia.
Russia is fair game for all black hat attacks.
Re: (Score:1)
Where were these black hat hacks when the US overthrew the Ukrainian government in 2014?
It's amazing how ignorant those calling for attacks are. wake up.
Cloud = Vulnerability (Score:1)
If this war has reinforced anything, it's that CLOUD=BAD.
The whole cloud managed infrastructure ecosystem has allowed bad actors to implant bad firmware into APC UPS' causing fires by simply rerouting traffic to a payload delivery system. It's obvious that this is a weak point.
oh, and that 99.99% have no fucking clue about the 2014 US orchestrated Coup and the Broken peace agreement that led to the invasion.