Russia Cracks Tor? Hackers Dump 7.5TB of FSB Secrets

Hacking group 0v1ru$ has unveiled a huge cache of data stolen from Russia’s notorious federal security service, the FSB. Hidden among the more boring bits is a secret project to de-anonymize Tor.

The Onion Router is an open source project to anonymize your browsing. It’s a thorn in the side of government security services everywhere.

But is this sky-falling, killer news? Or ho-hum, nothing-to-see-here filler? In today’s SB Blogwatch, we ask the questions.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: more moon.


FSB Versus the Onion

What’s the craic, Zak? Mister Doffman reports, “Russia’s Secret Intelligence Agency Hacked”:

 Hackers have successfully targeted FSB—Russia’s Federal Security Service. [They] managed to steal 7.5 terabytes of data.

FSB is Russia’s primary security agency with parallels with the FBI and MI5, but its remit stretches beyond domestic intelligence to include electronic surveillance overseas and significant intelligence-gathering oversight … reporting directly to Russia’s president. … A hacking group under the name 0v1ru$ … reportedly breached SyTech, a major FSB contractor.

BBC Russia broke the news … and shared details of contentious cyber projects: … social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia’s ongoing initiative … for splitting off a “Russian internet” … (Hope and Tax-3).

The fact of the breach itself, its scale and apparent ease is [notable]. … Contractors remain the weak link in the chain for intelligence agencies worldwide.

Crikey. Catalin Cimpanu adds, “Hackers breach FSB contractor”:

 The breach took place … on July 13, when … 0v1ru$ hacked into SyTech’s Active Directory server from where they gained access to the company’s entire IT network, including a JIRA instance. … And they defaced the company’s website with a “yoba face,” an emoji popular with Russian users that stands for “trolling.”

[They] later shared the stolen data with Digital Revolution, another hacking group [which] shared the stolen files … with Russian journalists. … While most of the projects look to be just research [that] all intelligence services carry out, there are two that appear to have been tested in the real world.

The first was Nautilus-S … for deanonymizing Tor traffic. … The second project is Hope … which analyzed the structure and make-up of the Russian segment of the internet.

The hacked company has taken down its website since … and refused media inquiries.

Sounds big, right? Zack Whittaker cracks:

 This is absolutely nuts.

Tor is broken? beepsky sounds sanguine:

 [Tor] network has over 6000 relays, and you need to own at minimum 2 in the chain of 3 to deanonymise someone. … Getting selected as a relay in someone’s tunnel is absolutely based on luck.

[We] shouldn’t be concerned about people attacking Tor. … If it’s possible to break Tor, then breaking it is a good thing, because in the long run it results in patches and improvements … (the Tor Project’s policy of telling researchers they shouldn’t be attacking the network is harmful for everybody).

But dontbenebby notes it’s not news:

 It sounds like the attack is not unusual or unknown – they’re spinning up malicious nodes then trying to drive traffic to those nodes via DDoS. This is a common technique and unfortunately … there’s not much that can be done about it.
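To put numbers on both of those comments, here is an added example; it is not code from the original post, from the quoted commenters, or from the Tor Project. It models beepsky’s point that an attacker must hold two of a circuit’s three relays, and dontbenebby’s point that DDoSing honest relays pushes bandwidth-weighted selection toward the malicious ones. It goes one step past the “luck” framing: Tor pins a client to its guard for a long period, so the per-circuit odds are tiny, but the guard share becomes a hard ceiling on how much a long-lived adversary can ever see. Everything in it is a simplification (independent, purely bandwidth-weighted guard and exit choice; no /16 or family exclusions, no bandwidth-weight flags, no guard rotation), and the capacity figures are constructed for illustration, not measured from the live network.

```python
"""
Added example for this Blogwatch; it is not code from the original post, from
the quoted commenters, or from the Tor Project.

Assumptions (all simplifications of real Tor path selection): guard and exit
are chosen independently, weighted purely by bandwidth; the /16 and family
exclusions, bandwidth-weight flags and guard rotation are ignored; the middle
relay plays no part in an end-to-end correlation attack.  All bandwidth
figures are constructed for illustration, not measured from the live network.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Capacity:
    """Bandwidth (arbitrary units) of guards and exits, split by who runs them."""
    honest_guard: float
    evil_guard: float
    honest_exit: float
    evil_exit: float

    def guard_fraction(self) -> float:
        """Share of guard capacity the adversary controls."""
        return self.evil_guard / (self.honest_guard + self.evil_guard)

    def exit_fraction(self) -> float:
        """Share of exit capacity the adversary controls."""
        return self.evil_exit / (self.honest_exit + self.evil_exit)


def per_circuit_compromise(c: Capacity) -> float:
    """P(one fresh circuit has an adversary guard AND an adversary exit)."""
    return c.guard_fraction() * c.exit_fraction()


def over_time_compromise(c: Capacity, circuits: int) -> float:
    """P(at least one of `circuits` circuits is end-to-end compromised).

    Tor pins a client to its guard for a long period, so the guard is drawn
    once and only the exit is re-drawn per circuit.  A client whose guard is
    honest is never exposed, which is why the guard share is a hard ceiling
    no matter how many circuits are built.
    """
    g, e = c.guard_fraction(), c.exit_fraction()
    return g * (1.0 - (1.0 - e) ** circuits)


def after_ddos(c: Capacity, guard_loss: float, exit_loss: float) -> Capacity:
    """Honest relays knocked offline by the fractions given; the adversary's
    own capacity is untouched, so its bandwidth-weighted share rises."""
    return replace(
        c,
        honest_guard=c.honest_guard * (1.0 - guard_loss),
        honest_exit=c.honest_exit * (1.0 - exit_loss),
    )


# Constructed scenario: adversary runs 5% of guard and 5% of exit capacity.
BASELINE = Capacity(honest_guard=9_500, evil_guard=500,
                    honest_exit=1_900, evil_exit=100)

if __name__ == "__main__":
    scenarios = (("baseline", BASELINE),
                 ("half of honest relays DDoSed", after_ddos(BASELINE, 0.5, 0.5)))
    for label, cap in scenarios:
        print(f"{label}: guard share {cap.guard_fraction():.3f}, "
              f"exit share {cap.exit_fraction():.3f}")
        print(f"  one circuit:       {per_circuit_compromise(cap):.4f}")
        for n in (10, 100, 1000):
            print(f"  over {n:>4} circuits: {over_time_compromise(cap, n):.4f}")
```

Run it and the two lessons fall out of the arithmetic: at 5% of each pool a single circuit is compromised one time in 400, but a client unlucky enough to have picked the adversary’s guard is exposed on almost every session after a few hundred circuits; and taking half the honest relays offline nearly quadruples the per-circuit odds without the attacker adding a single node.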

And neither is it news to Santosh83:

 Nobody with an ounce of intelligence can believe … that the most powerful intelligence agencies in … the world will stand idly by and watch a protocol/network be completely opaque for them. … It is safe to assume that many if not most Tor exit nodes are govt run … and one or more of the top intelligence agencies of the world can break Tor.

Wait. Pause. Are we guilty of double-standards? LordWabbit2 seems a tiny bit frustrated:

 The NSA has been doing this for years. Russia’s trying to play catchup.

This Russophobia **** is getting on my ****. It’s OK if the US interferes with another country’s elections, or spies on everyone, or invades countries, but if anyone else does it they are the DEVIL!!!

But of course, we can trust the Americans, they would never ever do anything bad. … (That was sarcasm for you dimwitted Americans.)

Meanwhile, @R0oTk1t doesn’t get it:

 How does one exfiltrate 7.5TB of data? Especially without any alarm bells sounding.

And Finally:

In case you haven’t had enough Apollo 11 yet


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE.

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.