Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Hackers Exfiltrate 7.5TB From Russian FSB Contractor

    FSB-hacked

    'Biggest ever breach' exposes project to de-anonymize Tor traffic. IF YOU'RE A CONTRACTOR to a government intelligence service, then getting hacked is a really bad look. Especially if the hacking reveals a number of projects that are slyly being worked on.

    That's exactly what happened to SyTech, a Russian company that does work on behalf of the Federal Security Service (FSB), the country's national intelligence service. While it's always fun to put a trolling smiley on the company homepage (pictured above - that's not an author bio), the real bounty was the information on top-secret projects which is now public domain, after being sent to BBC Russia.

    In all, 7.5TB of data was nabbed, and it included a number of sensitive projects designed to spy on users more effectively. ‘Reward' is designed to keep tabs on P2P networks, while ‘Mentor' monitors company email communications.

    Beautifully illustrating the ‘one rule for us' mantra, ‘Tax-3' is a project designed to create a closed intranet for the tax concerns of state figures, judges and officials, away from the state's other IT networks. So the Russian government isn't against all forms of privacy.

    But perhaps the most interesting projects are 'Nautilus' and ‘Nautilus'. ‘Nautilus' gathers data from social media accounts while ‘Nautilus-S' may sound like a souped up version, but is actually designed to de-anonymize Tor traffic, making dissidents' lives a nightmare.

    What's interesting about this is that it's possible ‘Nautilus-S' has actually been seen in the wild. The project started in 2012, but if you cast your mind back to 2014, you'll remember that Swedish academics published a paper warning of hostile Tor exit notes. Of the 25 malicious servers the researchers found, 18 were in Russia.

    Since the hack, SyTech has taken its website down, and is apparently ignoring media inquiries. You imagine the Russian government would like a word, too. I betcha they came in with one good spear phishing attack, targeting the admins with keys to the kingdom. 

    Cross-posted with grateful acknowledgment to The Inquirer: https://www.theinquirer.net/inquirer/news/3079329/fsb-contractor-hack-tor

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Hacking

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews