Belarusian hacktivists say they have hacked the Russian internet regulator

A unit of the Russian internet and media regulator Roskomnadzor confirmed on Saturday that hackers had breached its systems, after the Belarusian cyber-activist group known as Cyber Partisans claimed to have attacked the organisation.

The Russian General Radio Frequency Center (GRFC), one of Roskomnadzor’s agencies, said the hackers were unable to access sensitive information and also denied that its workstations were encrypted by the group.

Cyber Partisans claimed on Friday that it had stolen thousands of internal agency documents and locked down the agency’s computer systems. The documents purportedly contain files on Roskomnadzor’s attempts “to establish total control over all those who have spoken out against Putin’s regime over the past 20 years,” according to the group.

The hacktivists say they will analyze the documents and hand them over to journalists for further investigation.

Details of the cyber attack

GRFC said last month hackers made their first attempts to break into the agency’s system using a “previously unexploited vulnerability.” Such attacks are not new – according to GRFC, hackers attack its infrastructure on an almost daily basis – sometimes the agency logs more than 10 hacking attempts per day.

GRFC said the cyber attack on its systems was “under control” and that no confidential information was leaked. In response, Cyber Partisans revealed on Saturday what data they had accessed. It includes data on employee passports and medical records, internal emails, and reports on agency projects, including bot farms and Internet surveillance of journalists, bloggers, and ordinary users.

“And since, according to the GRFC, we have received unclassified data, we believe we can make it public with a clear conscience,” Cyber Partisans wrote on Telegram.

The group has also previously released screenshots showing some of the allegedly leaked documents. One of them shows a web page with a logo of Russia’s Office of Operational Interaction (“KOV” in Russian), which is the automated system developed by Roskomnadzor in 2020 to track anti-war materials online. Reporters first wrote about it in April after a whistleblower website called Distributed Denial of Secrets published a large data leak from another Roskomnadzor agency.

Another screenshot shows a list of posts on Telegram and the Russian social network Vkontakte related to the war in Ukraine.

Cyber Partisans also said they found evidence that Belarusian surveillance firm Falcongaze’s software was being used to spy on GRFC employees.

“We know everything employees have done in the past three months,” Cyber Partisans said. “Falcongaze, your systems are weak. Stop supporting dictators!”

Falcongaze did not respond to questions about the allegations.

While the impact of the breach is unclear, Roskomnadzor’s data could be eye-opening if made public.

In September, the New York Times wrote about the internal workings of Russia’s “extensive surveillance state” using documents leaked from Roskomnadzor’s office in the Republic of Bashkortostan. Russian independent news site Meduza used the same trove of data to write about automated systems used by Roskomnadzor to monitor online content “capable of destabilizing the socio-political situation in Russia”.

Daryna Antoniuk is a freelance reporter for The Record based in Ukraine. She writes about cyber security startups, cyber attacks in Eastern Europe and the state of cyber warfare between Ukraine and Russia. Previously she was a technology reporter for Forbes Ukraine. Her work has also been published by Sifted, The Kyiv Independent and The Kyiv Post.