The Russian Sytech, FSB contractor, hacked !!! Projects and data made public

(To Alessandro Rugolo)
22/07/19

News begins to arrive, albeit with a delay. The one affected does not seem to be one of the important ones, it is not a large company, it is not known to the general public, yet ...

The question is which Sytech is a company that works for the Federal Security Service ... of Russia !!!

The news, we said, begins to filter, despite the difficulties due to the language. The 13 last July a hacker group called $ 0v1ru announced that it had hacked the company (which works for the FSB from the 2009) and stole from its internal network about 7,5 Tera bytes of data. Among these are a number of projects concerning the cyber domain.

The type of attack, which affects a ring of the supply chain to get to hit a larger and better protected organization, is called the "supply chaine attack" and is increasingly frequent.

To demonstrate that they actually hacked the company, the group proceeded to the more classic "defacement", modifying the site's home page with the "yoba-face" image and published several screens relating to the internal network.

The data was passed to another group known as DigitalRevolution and already author of similar companies, which then shared information stolen with the Russian media.

It seems that most of the stolen projects were developed in favor of the 71330 Military Unit, which deals with "signal intelligence".

The Russian BBC site has listed a list of stolen projects, these seem to be the most interesting:

  • Nautilus, for the collection of data from social media (Facebook, LinkedIn ...);
  • Nautilus-S, for the de-anonymisation of TOR traffic ();
  • Reward, to get under cover in P2P networks;
  • Nadezhda, a tool to explore the topology of the Russian internet;
  • Tax-3, for creating a secure intranet;
  • Mentor, to monitor email communications.

From other sources we learn that the attack occurred against the Active Directory server of the Sytech. Once control was obtained, the data was taken over.

This is just a first glimpse of a wealth of documents that, having been made public, now only takes the time to be explored.

To date, the site of the Russian company is still off.

To learn more:
https://www.bleepingcomputer.com/news/security/russian-fsb-intel-agency-...
https://www.terabitweb.com/2019/07/20/russian-fsb-intel-agency-contracto...
https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-d...
https://www.forbes.com/sites/zakdoffman/2019/07/20/russian-intelligence-...
https://www.bbc.com/russian/features-49050982
https://www.cs.kau.se/philwint/spoiled_onions/techreport.pdf
https://www.sytech.ru/

Events

Click on the days highlighted in red and find out what's in evidence.
Tales of military life
Send us your story
Tribute (due) to the 80th "Roma" infantry who takes leave with honor

Well, yes, we are now used to witnessing the closure of the barracks and perhaps even a little to burying the long history of the departments, a phenomenon which however does not erase the memories. It also touched...

Read the story
"Il Signor Parolini" (ninth part)

The baked chicken, as expected, had lived up to its reputation, consolidating, where needed, the undisputed culinary mastery of Gastone, chief ...

Read the story