A supply chain nightmare with a big reveal. SyTech, a contractor to Russia’s Federal Security Service (FSB), was hacked and 7.5TB of sensitive data was exfiltrated, exposing several projects designed to spy on users. Hacking group 0v1ru$ broke into SyTech’s Active Directory server and then breached the entire network, including a JIRA instance. But the most alarming discovery was a project called Nautilus-S, which aims to de-anonymize Tor using rogue servers.
ZDNet briefly outlines other projects discovered in the take, including collecting data on social media users, penetrating P2P networks, monitoring email communications of Russian companies, investigating the topology of the Russian internet in relation to other countries’ networks, and secretly tracking information of highly sensitive state officials, judges and figures.
Hackers have breached SyTech, a contractor for FSB, Russia's national intelligence service, from where they stole information about internal projects the company was working on on behalf of the agency -- including one for deanonymizing Tor traffic. The breach took place last weekend, on July 13, when a group of hackers going by the name of 0v1ru$ hacked into SyTech's Active Directory server from where they gained access to the company's entire IT network, including a JIRA instance. Hackers stole 7.5TB of data from the contractor's network, and they defaced the company's website with a "yoba face," an emoji popular with Russian users that stands for "trolling." Hackers posted screenshots of the company's servers on Twitter and later shared the stolen data with Digital Revolution, another hacking group who last year breached Quantum, another FSB contractor.