Hackers Leak 1,000 Documents from Russian Defense Export Company Rosoboronexport

The leak comes amid reports that Russia is conducting cyber operations against Ukraine

  Files leaked from Rosoboronexport
Hackers of a group called the Russian Cyber Command have leaked around 1,000 documents allegedly stolen from Rosoboronexport (roe.ru), the only state intermediary agency for Russia’s defense-related imports and exports.

Hackers of a group called the Russian Cyber Command have leaked around 1,000 documents allegedly stolen from Rosoboronexport (roe.ru), the only state intermediary agency for Russia’s defense-related imports and exports.

The hacktivists posted the following message next to a link pointing to the leaked files:

“Taken into consideration recent Russian Government delusional attempts to start WWIII, we – Free from Putin – people of Russian Federation - Free computer renegades and outlaws from IT Security – have decided to initiate a true domestic CyberWar on Russian Military Enterprises and eventually we shall deliver critical infrastructure companies on which Russian Putin’s Empire stands on.”

According to a statement posted on CyberGuerrilla.org, the hackers stole the files after hacking into the systems of India’s embassy in Moscow. After accessing the embassy’s networks, they sent a maliciously crafted email to Rosoboronexport’s CEO. This is how they’ve allegedly breached the organization’s servers.

“Same way we have infected SUKHOI, OBORONPROM, GAZFLOT, RUSAL and VELES CAPITAL and many others, but we shall deliver them right after this very first leak,” the hackers said.

The data leak appears to be legitimate, but it’s difficult to say for certain if it is. The files, totaling close to 500 Mb, have been uploaded to BayFiles. A preview of the leak has been published on imgur.com.

Currently, the Russian military is occupying the Ukrainian peninsula of Crimea. However, reportedly, there’s movement in cyberspace as well.

On March 2, the Georgetown Security Studies Review revealed that there were indications that Russia launched cyber operations against Ukraine, just as it did back in 2008 when it invaded Georgia.

Experts noted that Crimea is vulnerable to cyberattacks due to the positioning of its Internet exchange points.

“While it cannot yet be confirmed that Russia is, in fact, conducting cyber operations in the Crimean Peninsula, the international community should carefully monitor the situation. As the crisis develops, there are a number of indicators that would demonstrate that Russia is pursuing a cyberstrategy similar to the one it used in Georgia,” they explained.

Valentyn Nalivaichenko, the head of Ukraine's SBU security service, has confirmed that the members of the Ukrainian parliament have been targeted in an “IP-telephonic attack” for two days in a row.

According to Reuters, Nalivaichenko revealed that illegal equipment was installed at telecoms firm Ukrtelecom at the entrance to Crimea in an effort to block the communications of officials, regardless of their political affiliation.

Security services in Ukraine are working on addressing the issue.

1 Comment