There were red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB — Russia’s Federal Security Service.

The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world, Forbes reported.

The data was passed to mainstream media outlets for publishing.

FSB is Russia’s primary security agency with parallels with the FBI and MI5, but its remit stretches beyond domestic intelligence to include electronic surveillance overseas and significant intelligence-gathering oversight. It is the primary successor agency to the infamous KGB, reporting directly to Russia’s president.

A week ago, on July 13, a hacking group under the name Ov1ru$ that had reportedly breached SyTech, a major FSB contractor working on a range of live and exploratory internet projects, left a smiling Yoba Face on SyTech’s homepage alongside pictures purporting to showcase the breach.

It had passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets and the headlines with Twitter — taunting FSB that the agency should maybe rename one of its breached activities “Project Collander.”

BBC Russia broke the news that Ov1ru$ had breached SyTech’s servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the “de-anonymization of users of the Tor browser.”

The BBC described the breach as possibly “the largest data leak in the history of Russian intelligence services.”

As well as defacing SyTech’s homepage with the Yoba Face, Ov1ru$ also detailed the project names exposed: “Arion,” “Relation,” “Hryvnia,” alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.

The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia’s ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3).

The BBC claims that SyTech’s projects were mostly contracted with Military Unit 71330, part of FSB’s 16th Directorate which handles signals intelligence, the same group accused of emailing spyware to Ukrainian intelligence officers in 2015.

Nautilus-S, the Tor de-anonymization project, was actually launched in 2012 under the remit of Russia’s Kvant Research Institute, which itself comes under FSB. Russia has been looking for ways to compromise nodes within Tor’s structure to either prevent off-grid communications or intercept those communications. None of this is new. It is believed that some progress has been made under this project. Digital Revolution claims to have hacked the Kvant Research Institute before.

The preparatory activities for splitting off a “Russian internet” follow Russian President Vladimir Putin signing into law provisions for “the stable operation of the Russian Internet (Runet) in case it is disconnected from the global infrastructure of the World Wide Web.”

The law set in train plans for an alternative domain name system (DNS) for Russia in the event that it is disconnected from the World Wide Web, or, one assumes, in the event that its politicians deem disconnection to be beneficial. Internet service providers would be compelled to disconnect from any foreign servers, relying on Russia’s DNS instead.

There is nothing newsworthy in the projects exposed here; everything was known or expected. The fact of the breach itself, its scale and its apparent ease are of more note. Contractors remain the weak link in the chain for intelligence agencies worldwide — to emphasize the point, just last week, a former NSA contractor was jailed in the U.S. for stealing secrets over two decades.

Digital Revolution passed the information to journalists without anything being edited, removed or changed — they said. Little is known about Ov1ru$ and the group has not come forward with any comment.

Neither, unsurprisingly, has FSB.
