Hackers broke into a contractor for Russia's spy agency

They stole info that included an FSB plan to deanonymize Tor.
Jon Fingas, @jonfingas
July 21, 2019
Image credit: Alexei Druzhinin, Sputnik, Kremlin Pool Photo via AP

The Russian government has been linked to a number of high-profile hacks, but it just became a target -- and the data that was stolen says a lot about its apparent goals. A hacking group calling itself 0v1ru$ infiltrated the servers of SyTech, a contractor for the FSB intelligence agency, on July 13th. They compromised the firm's Active Directory server and stole 7.5TB of data. The intruders revealed a number of projects that SyTech had been working on for the FSB (and fellow contractor Quantum) since 2009, some of which were pure research while others came to fruition.

The most prominent of the projects, Nautilus-S, was meant to deanonymize Tor traffic and create a database of Tor users and devices. Work started on it in 2012, and it appears to have been put into use in 2014, when Swedish researchers discovered Russian Tor nodes trying to decipher data. It's unclear how successful the FSB has been, but its goal was likely to identify and silence political dissidents.

Other projects weren't as ambitious. One project that reached the test phase, Hope, mapped the Russian section of the internet and its connections to other countries. Nautilus (not Nautilus-S) collected social network data. Reward was meant to penetrate peer-to-peer networks, while Mentor was built to search and spy on the email of Russian companies. Tax-3 would have created a closed intranet to keep the information of key political figures and judges away from regular government networks.

SyTech took down its website after the hack and has so far declined to respond to the press.

This isn't the first hack against an FSB contractor. Quantum faced its own breach in 2018. The treasure trove of data appears to be larger here, though. It's also a likely embarrassment for the FSB. The agency has thrived on covering its tracks and otherwise remaining secretive, but couldn't ensure that key partners were equally secure. As in many other cases, security was only as strong as the weakest link in the chain.
