Hackers leak documents stolen from Russian intel agency contractor; tries to peel Tor

News by Bradley Barth

Hackers who stole 7.5 TB of data from a contractor for the Russian intelligence service FSB have been trying to crack the Tor browser

Hackers, who reportedly stole 7.5 TB of data from a contractor for the Russian intelligence service FSB, have been trying to crack the Tor browser, reported the BBC.

Tor, the preferred web browser for online anonymity, has been used by privacy advocates and shady online players and is very popular in Russia. The success of the attempt to crack Tor is unclear, as the technique relied on luck to match Tor users to their activity, said the report.

The contractor, SyTech, has worked for FSB’s radio-electronic intelligence unit 71330 since 2009, according to a report from ZDNet, citing Russian media outlets, including BBC Russia.

The breach on 13 July reportedly exposed details on "Nautilus," a plan to gather information on users of Facebook, MySpace, LinkedIn and similar services; "Nautilus-S," a project to deanonymise Tor traffic using Tor servers; and "Reward," a scheme to secretly penetrate P2P networks.

Other leaked projects included "Mentor," a plot to monitor email communications on Russian companies’ servers; "Hope," a project to understand how the Russian internet connects to other countries’ networks; and "Tax-3," a plan to create a closed intranet to store info on sensitive government officials and judges.

Nautilus-S and Hope were actually tested in the wild, while others may have never passed the research phase or may have been a service offered by SyTech that ultimately didn’t find itself a customer, according to reports.

The hackers, who refer to themselves as 0v1ru$, reportedly gained access to SyTech’s IT network by initially hacking into its Active Directory server. The hackers defaced the company website, posted screenshots on Twitter and even shared the data with fellow hacking group Digital Revolution, who in turn revealed even more details to Russian journalists and to the public via its own Twitter account.

A BBC Russia report states that a review of leaked documents found that SyTech "performed work on at least 20 non-public IT projects ordered by Russian special services and departments. These papers do not contain state secrets or secrets."

SyTech reportedly took down its website after the hack and has not responded to media inquiries. The BBC also said that FSB did not respond to a request for comment.

This article was originally published on SC Media US.
