Hackers’ deeds know no end

These days, foreign and some domestic media have been writing about the hacking of a major contractor of the Russian Federal Security Service (FSB), and the stealing of 7.5 terabytes of data.

The news on SyTech, system breach was broken on July 19 on the Russian BBC portal, and later it was taken by other foreign and domestic media. According to the writing, a group of hackers under the name 0v1ru$ breached the SyTech’s system on July 13, leaving a Yoba Face[1] on the site – emoji frequently used in trolling.

Screenshot of the hacked Twitter account

On the day of hacking, the group posted on its Twitter account of the same name (@0v1ruS) several screenshots showing the whole hacking process. Besides exposing e-mails and names of the SyTech’s employers, hackers unveiled several projects such as Арион, Реляция, Гривна. Soon after, the Twitter account was deleted.

According to the Russian BBC, 0v1ru$ group shared all the data with the largest hacking group the Digital Revolution, which then forwarded the data to the media. It is strange that the Digital Revolution has begun posting screenshots of the data it possesses on July 18, since it is known that the breach occurred on July 13.

Thus, the Russian BBC came to possession of several SyTech’s projects, among which there are projects related to de-anonymization of the users of the Tor browser (project named Наутилус-C and ordered by the Russian Research Institute Kvant), the social media scraping[2] such as Facebook, Myspace and LinkedIn (project named Наутилус, but it is unknown who ordered it), as well as to the creation of a program that accumulates and visualizes information on how the Russian segment of the Internet is connected to the global network (project named Надежда ordered by the military unit No. 71330).

Recall April this year when members of the Russian State Duma voted for the Sovereign Internet Bill enabling the Russian Internet (Runet) to operate independently from the World Wide Web in the event of an emergency or foreign threat. The bill amends the laws On Communications and On Information, Information Technologies and Information Protection, and it should enter into force in November this year. Until today, we have not seen any statements from either FSB or SyTech on this hackers’ attack.


[1] Stands for Youth Oriented, Bydlo-Approved Face

[2] The term indicates the process of taking down the content from the Internet. This software technique mostly focuses on converting unstructured data on the network (usually in HTML form) into structured data that can be saved and analyzed in a central data base or a spreadsheet.