Hackers have successfully targeted SyTech, a contractor for Russian intelligence service FSB, according to news reports.
A week ago, on July 13, a group of hackers called 0v1ru$ hacked into SyTech’s Active Directory server, from which they gained access to the company’s entire IT network.
BBC Russia, which broke the news, said “it’s possible that this is the largest data leak in the history of the work of Russian special services on the Internet.”
Biggest Data Breach in History
0v1ru$ stole 7.5 terabytes of data from the company’s network. The documents revealed information about internal cyber projects the company was working on for the FSB, including one to de-anonymize Tor traffic. The data was then passed on to a larger, better-known hacking group, Digital Revolution, which shared the files with mainstream media outlets for publishing.
The perpetrators also defaced the company’s website with a smiling “YOBA face,” a popular Russian meme that denotes trolling.
FSB’s Cyber Projects
The stolen files indicate that SyTech has worked on a mix of projects since 2009 for FSB unit 71330 and Quantum, another FSB contractor. Some of these cyber projects include:
Nautilus: A project for social media scraping of users from Facebook, MySpace, and LinkedIn.
Nautilus-S: A project for de-anonymizing Tor traffic with the help of rogue Tor servers.
Mentor: A project to monitor email communications on servers of Russian companies.
BBC Russia, which received the trove of stolen files, claims there were other older projects for researching other network protocols such as ED2K, OpenFT, and Jabber. Other files posted claimed that the FSB was also tracking students and pensioners.
The FSB is the principal security agency of Russia and the primary successor agency to the KGB, reporting directly to Russia’s president. It is the Russian equivalent of Britain’s MI5, Israel’s Shin Bet, and the US FBI.