Hacktivism

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Anonymous claims to have hacked the systems of the German subsidiary of Russian energy giant Rosneft and stole 20TB of data.

The Anonymous hacker collective claimed to have hacked the German branch of the Russian energy giant Rosneft. In hacktivists announced to have stolen 20 terabytes of data from the company.

According to the German website WELT, the attack on Rosneft Deutschland GmbH will have “relevant effects.”

The news of the attack was also confirmed by the German Federal Office for Information Security (BSI), the company had reported an IT security incident on Saturday night. 

The BSI has offered its support to investigate the security breach, while the WELT reported that the authorities have issued a security warning to other stakeholders in the petroleum industry. 

“According to reports, ongoing business will not be affected by Rosneft – but the systems have been significantly affected.” reported the WELT. “Various processes are disrupted, including the possibility of concluding contracts. Security circles suspect the hacker collective “Anonymous” to be behind the attack.”

Rosneft was already hit by Anonymous in the past, the website of Rosneft’s international was blocked by a massive DDoS attack the end of February. 

The attack could have a significant impact in Germany, it is reported that the company was responsible for about a quarter of crude oil imports to Germany.

The news of the attack was also reported on Anonleaks, Anonymous claimed to have breached the company on March 11, 2022.

Anonymous condemned the operation of the company and the relationship of Ex chancellor Gerhard Schröder with Putin.

“Ex-Chancellor Gerhard Schröder is the chairman of the board of directors of Rosneft in Russia. Rosneft boss Igor Ivanovich Sechin is a Russian politician and manager. He has been a close confidante of Vladimir Putin since the 1990s. According to reports, in 2003, as deputy head of the presidential administration, he was a co-initiator of the legal prosecution and ultimately the breakup of what was once the largest oil company, Yukos.” reported Anonleaks.

Rosneft subsidiaries abroad were not impacted by sanctions against the energy giant, for this reason Anonymous decided to attack it.

“Sanctions on Rosneft and a completely unaffected subsidiary abroad – evading sanctions has never been easier and such holdings still bring foreign exchange to Russia.” continues Anonymous.

Anonymous claimed to have compromised the company’s virtual machines, UPS and more. The attack was likely discovered on March 10, 2022 and the data exfiltration was interrupted.

“The plan came up to pull all available data completely, which was relatively easy to implement via a simple FTP connection, which also pulled with 5.5GB/s. Nevertheless, it was to be expected that the system would remain in the system for a long time, because in total one had access to almost 25 terabytes, in addition to the backups also folders with documents, one had access to the iPhones and iPads of the employees.” concludes the report. “But unfortunately the download was stopped in between. Not because you got caught, not that, you’ve been in the systems continuously and non-stop for almost two weeks, loading the data. But last Friday, the very stable FTP connection broke down because their entire system gave up in the evening and suddenly there was no internet. The entry point itself still worked, but you couldn’t get any further because the system used behind it was no longer connected to the Internet.”

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, BazarLoader)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

4 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

10 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

22 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

This website uses cookies.