Anonymous vs. Russia: Hackers Say Space Agency Has Been Hacked, Over 1,500 Websites Hit

A hacking group affiliated with Anonymous claimed to have breached the control center of the Russian space company “Roscosmos” and cut off the agency’s control over its spy satellites as part of the ongoing cyber offensive against government targets Russian to protest the invasion of Ukraine. .

“The Russian Space Agency really likes their satellite imagery,” the NB65 group said in a post earlier today, posting accompanying screenshots. “Best of all, they love their vehicle monitoring system. The WSO2 has been removed, the credentials have been rotated, and the server is shut down. Network Battalion won’t give you the IP address, that would be too easy, wouldn’t it? Have a great Monday fixing your spy tech. Glory to Ukraine.”

“We won’t stop until you stop dropping bombs, killing civilians and trying to invade,” NB65 added. “Go back to Russia, damn it.”

The same group carried out a data dump of more than 40,000 files on Sunday which they say were stolen from the country’s Institute of Nuclear Security (IBRAE). “We don’t have the capacity to translate that many Russian materials, so take advantage and let us know what you find,” the group said.

On Monday, an anonymous account reported on Twitter that hackers associated with the collective had removed more than 1,500 websites connected to Russian and Belarusian governments, state media, major banks and corporations over the previous 72 hours.

Accounts reporting their hacks under the hashtags #OpRussia or #OpKremlin on Twitter also said that the Russian Ministry of Labor and Social Protection’s website had been taken offline (and was still down tonight). Anonymous also leaked a database that the hackers claimed came from a breach by the Russian Ministry of Economic Development.

And hackers have hacked into a marine traffic tracking site to give Russian President Vladimir Putin’s yacht “Graceful” a new call sign, ANONYMO, and a new destination, FCKPTN.

Anonymous accounts encouraged those without hacking skills to join Russian social media sites and spread information to counter Russia’s misinformation or lack of information about what is really happening in Ukraine.

They also countered misinformation they said was being spread by Russian trolls using fake Anon accounts to discredit the Anonymous campaign by claiming that on March 3, hackers would hack Russian citizens’ private bank accounts and send the money in Ukraine. “This is fake. Anonymous will not attack the people but the government. Fakes, wait for us! an anonymous account replied.

And the hackers also sued the pro-Russia Conti ransomware group, leaking the group’s internal chats and files. Offensive action may have been what prompted this Conti threat update from the DHS Cybersecurity and Infrastructure Security Agency on Monday, warning stakeholders not to think the threat has subsided: “Conti cyber threat actors remain active and have reported that Conti ransomware attacks against U.S. organizations and international numbers have grown to over 1,000. Notable attack vectors include Trickbot and Cobalt Strike. Although there are no specific or credible cyber threats to the United States at this time, CISA, the FBI, and the NSA encourage organizations to review this advisory and apply the recommended mitigations.

A group called the Belarusian Cyber ​​Partisan said they hacked into railway systems in Minsk, Orsha and Osipovichi to hamper Russian military movement to Ukraine from the country. “Belarusian Railways internal computer network monitoring system,” the group said, posting a screenshot on Twitter. “Obsolete crapware that runs on Windows XP.”

The Cyber-Partisans stressed that their train hack would not endanger civilians: “Manual control mode is activated, which will slow the movement of trains but will NOT create emergency situations.”

Hackers identifying with the collective Anonymous announced the launch of #OpRussia Thursday (Eastern Time), saying their cyber operations initially briefly took down some websites associated with the Russian government. The #OpRussia or #OpKremlin hashtags used to announce actions against Russian sites are similar to Anonymous’s #OpISIS campaign which targeted the terrorist group’s online propaganda wave and the #OpKKK campaign which targets white supremacists.

Members of the collective released a video press release on Saturday swearing that “these actions will continue” because “militants will not sit idly by as Russian forces kill and murder innocent people trying to defend their homeland.”

The hackers acknowledged that “some of our actions may be considered illegal in the eyes of various governments”, but they saw “no reason why Western laws should be used against our actions in trying to protect and defend the Ukrainian people, and also to help educate the Russian people.

The Cybersecurity and Infrastructure Security Agency (CISA) of DHS and the FBI have published a joint council on cybersecurity Saturday providing an overview of the destructive malware that has been used to target organizations in Ukraine as well as advice on how organizations can detect and protect their networks. On Wednesday, Russian cyber forces hit the websites of several Ukrainian banks and ministries with a wave of DDoS attacks.

A Department of Homeland Security briefing in January warned stakeholders that Russia would “consider” launching a cyber attack on the United States if the United States or NATO reacted to the potential invasion of the United States. Ukraine by Russia in a way that the Kremlin perceived as a threat to Russia. Security.

The memo also notes that Russia’s threshold to directly launch a destructive attack on US critical infrastructure with its cyber arsenal “likely remains very high,” although Moscow “continues to target and access critical infrastructure in the United States.” United”.

Anonymous claims hacked over 300 Russian cyber targets in 48 hours, including gas control system