Hacking collective Anonymous declares 'cyber war' against Vladimir Putin's government

Overnight said:
That didn't last long, their website is back up. Next!
More...

Let's read the entire article (with important highlights bolded)... this was effectively a "ransomware" encryption style attack which encrypted the entire network and took down the company's operations. Except in this case the hackers will not provide a key to unencrypt the data for the company. An insulting message on the company's public website is easy to fix
(a couple hours at most to restore the web image). Restoring the servers to run the operation (assuming they had a backup) is harder to fix (and takes more time -- hence the week off for employees comment). The hackers will also dump all the data on the public internet (which may allow for other exploits and financial attacks).

Hackers Attack Russian Railroad Company that Transports Military Goods
The “Nebula” hacker collective attacked the Russian corporation, TEHTRANS, which had allegedly worked with the Russian military to transport weapons and soldiers.
https://www.kyivpost.com/post/20862

The battle against Russia's war machine not only takes place on the battlefield - but increasingly in cyberspace. A hacker collective, which goes by the name “Nebula,” took over the website of a Russian corporation which, it alleges, contributes to Russia's war effort through its work with the Russian railway service.

Following the encryption of all information on Tehtrans' website, the hacker collective left a note, in Russian, which said, in part: “We presume you don't appreciate that we've just encrypted your network, including your railway servers. It's hard work after all, having to assist in smuggling Russian military equipment into Ukraine.

“You can relax now though; you'll have no work to do considering your network is absolutely destroyed. Leave it to us, we will take care of railway operations.”

The hacker collective's statement continued by saying: “Thank you kindly for the 3.5TB worth of data. Normally, we'd threaten to leak it if you don't pay us, but we are thoughtful hackers.

“Instead, we've decided to give all of your employees the week off.

3.5 Terabytes would be equivalent to roughly 56 million documents.

The hacker collective concluded with a promise: “We know it's difficult not having access to files, therefore we will be sure to make all of them publicly available in the coming days.

“Have a great rest of your week.”

A separate note, in English, said: “This is an official notice regarding the seizure of your domain due to your cooperation in Russian military operations.”

Historically, Nebula, has taken credit for multiple other hacks on Russian government computers, which it has then made publicly available.

According to photos released by the hacker collective on their Twitter account on Wednesday morning, Nebula had gained access to the cameras in Tehtrans' meeting rooms and had spied on the corporation's employees. Moreover, the server's name, RAIL-SRV, supports the argument that Tehtrans was involved with Russia’s rail industry.

Depending on the browser used, visitors to the corporation's website are now greeted with a playable version of Pac-Man, the early video game.

Since the start of the full-scale invasion of Ukraine, Russia's infrastructure has been routinely hacked by international and Russian hackers. The rise of hacking being done by Russians against state entities and enterprises that support the war effort has recently increased.

Early in the war, NB65, a collective allegedly consisting of hackers formerly linked with the “Anonymous” group, successfully hacked into the Russian government's space agency, Roscosmos and blocked its ability to communicate with the space organization's Central Command Center before uploading malware to that had been developed by the Russian government itself.

A different organization, which claimed to be Russian, calling itself the Russian National Republican Army (NRA), hacked IT corporations whose technologies are used by the Russian military and intelligence services – in attempts to make them vulnerable to future hacking attacks.
 
gwb-trading said:
Let's read the entire article (with important highlights bolded)... this was effectively a "ransomware" encryption style attack which encrypted the entire network and took down the company's operations. Except in this case the hackers will not provide a key to unencrypt the data for the company. An insulting message on the company's website is easy to fix. Restoring the servers to run the operation (assuming they had a backup) is harder to fix (and takes more time -- hence the week off for employees comment). The hackers will also dump all the data on the public internet (which may allow for other exploits and financial attacks).

Hackers Attack Russian Railroad Company that Transports Military Goods
The “Nebula” hacker collective attacked the Russian corporation, TEHTRANS, which had allegedly worked with the Russian military to transport weapons and soldiers.
https://www.kyivpost.com/post/20862

The battle against Russia's war machine not only takes place on the battlefield - but increasingly in cyberspace. A hacker collective, which goes by the name “Nebula,” took over the website of a Russian corporation which, it alleges, contributes to Russia's war effort through its work with the Russian railway service.

Following the encryption of all information on Tehtrans' website, the hacker collective left a note, in Russian, which said, in part: “We presume you don't appreciate that we've just encrypted your network, including your railway servers. It's hard work after all, having to assist in smuggling Russian military equipment into Ukraine.

“You can relax now though; you'll have no work to do considering your network is absolutely destroyed. Leave it to us, we will take care of railway operations.”

The hacker collective's statement continued by saying: “Thank you kindly for the 3.5TB worth of data. Normally, we'd threaten to leak it if you don't pay us, but we are thoughtful hackers.

“Instead, we've decided to give all of your employees the week off.

3.5 Terabytes would be equivalent to roughly 56 million documents.

The hacker collective concluded with a promise: “We know it's difficult not having access to files, therefore we will be sure to make all of them publicly available in the coming days.

“Have a great rest of your week.”

A separate note, in English, said: “This is an official notice regarding the seizure of your domain due to your cooperation in Russian military operations.”

Historically, Nebula, has taken credit for multiple other hacks on Russian government computers, which it has then made publicly available.

According to photos released by the hacker collective on their Twitter account on Wednesday morning, Nebula had gained access to the cameras in Tehtrans' meeting rooms and had spied on the corporation's employees. Moreover, the server's name, RAIL-SRV, supports the argument that Tehtrans was involved with Russia’s rail industry.

Depending on the browser used, visitors to the corporation's website are now greeted with a playable version of Pac-Man, the early video game.

Since the start of the full-scale invasion of Ukraine, Russia's infrastructure has been routinely hacked by international and Russian hackers. The rise of hacking being done by Russians against state entities and enterprises that support the war effort has recently increased.

Early in the war, NB65, a collective allegedly consisting of hackers formerly linked with the “Anonymous” group, successfully hacked into the Russian government's space agency, Roscosmos and blocked its ability to communicate with the space organization's Central Command Center before uploading malware to that had been developed by the Russian government itself.

A different organization, which claimed to be Russian, calling itself the Russian National Republican Army (NRA), hacked IT corporations whose technologies are used by the Russian military and intelligence services – in attempts to make them vulnerable to future hacking attacks.
More...

I read the article. There's no Pacman on their site, as they simply restored their data from backups most likely. Non story.
 
Overnight said:
I read the article. There's no Pacman on their site, as they simply restored their data from backups most likely. Non story.
More...

As I noted.... the public webserver is very quick and easy to restore from a web image backup --- assuming they have no backroom operations tied to the public webserver (for example to handle rail requests). I will note that this appears to be a public web server uncoupled from backroom operations. Hence the quick restoration is hardly surprising.

Recovering the core servers running your operation (email, documents, payroll, database, etc.) take a lot more time assuming you have a recent backup (which I expect this rail company does).

Now we can wait on the dump of 3.5T of the company's data in a few days.
 
gwb-trading said:
As I noted.... the public webserver is very quick and easy to restore from a web image backup --- assuming they have no backroom operations tied to the public webserver (for example to handle rail requests). I will note that this appears to be a public web server uncoupled from backroom operations. Hence the quick restoration is hardly surprising.

Recovering the core servers running your operation (email, documents, payroll, database, etc.) take a lot more time assuming you have a recent backup (which I expect this rail company does).

Now we can wait on the dump of 3.5T of the company's data in a few days.
More...

No ransom, and no Pac-man to play on a Russian railroad website? Nobody cares! Next!
 
Overnight said:
No ransom, and no Pac-man to play on a Russian railroad website? Nobody cares! Next!
More...

Well the Russian government cares. This hack probably disrupted their shipments of military gear and supplies to Ukraine for about a week.

BTW --- are you using YaBrowser or Chrome? These are the only two browsers that would have let you play Pac-man on their hacked website. Admittedly the website has been restored at this point to the proper corporate image.

Note the article is a day old (August 23rd). The hack took place on the 21st or 22nd.
 
gwb-trading said:
Well the Russian government cares. This hack probably disrupted their shipments of military gear and supplies to Ukraine for about a week.

BTW --- are you using YaBrowser or Chrome? These are the only two browsers that would have let you play Pac-man on their hacked website. Admittedly the website has been restored at this point to the proper corporate image.
More...

Would have been more funnier if the hackers had put Tetris up there instead of Pac-Man, because if memory serves, it was developed by a guy in one of the former Soviet blocs, and the guy had to escape the USSR to get it published before they confiscated it.
 
You must log in or register to reply here.
Back
Top