Hackers managed to break into SyTech, an external partner of the FSB (Russia's national intelligence service), and obtained information about their hacking projects. One of them was the de-anonymization of the Tor network traffic.
The breach took place last weekend, July 13, when a team hackers with the name 0v1ru$ broke into SyTech's Active Directory server from where they gained access to the company's entire network.
The hackers stole 7.5 TB of data, of which posted snapshots on Twitter and later shared the stolen data with the digital revolution, another hacking group that disbanded Quantum, another FSB external partner, last year.
The secret projects of FSB
According to Russian media, the records show that SyTech has been working since 2009 on many projects for FSB and its partner Quantum.
These projects are listed below:
- Nautilus - a project for the collection of data by users of social networks (such as Facebook, MySpace and LinkedIn).
- Nautilus-S - a project to de-anonymize Tor network traffic with the help of malicious servers.
- Reward – a project for covert infiltration of networks P2P, το πρωτόκολλο που χρησιμοποιείται στα torrents.
- Mentor – a project for her monitoring και αναζήτηση ηλεκτρονικών messages on servers of Russian companies.
- Hope - a project to explore the topology of the Russian Internet and how it connects to other countries' networks.
- Tax-3 - a project to create a closed intranet for the storage of information by extremely sensitive politicians, judges and local government officials, separate from the rest of the state networks.
BBC Russia, which received the leaked data, claims that there were other older programs for researching other network protocols such as Jabber (instant messaging), ED2K (eDonkey) and OpenFT (business file transfer).
Other files posted by account of Digital Revolution Twitter claims that the FSB is monitoring students and retirees.
But while most projects seem to be just for research with modern technology, there are two that seem to have been tested in the real world.
The first is Nautilus-S, to de-anonymize Tor network traffic. BBC Russia he says that work on Nautilus-S began in 2012. Two years later, in 2014, academics from Karlstad University in Sweden, published a paper which described in detail the use of malicious nodes in the Tor network trying to decrypt the traffic.
The researchers identified 25 malicious servers, 18 of which were located in Russia and were running Tor version 0.2.2.37, the same one described in the leaked files.
______________________
- FaceApp when the idiot looked at the finger
- Windows 10 May 2019 Update ISO with all the latest patches
- The real hardware requirements for Windows 10
