Anonymous hacked Russian Thozis Corp, but denies attacks on Rosaviatsia

The Anonymous collective hacked the Russian investment firm Thozis Corp, but it’s a mystery the attack against the Russian Civil Aviation Authority Rosaviatsia.

Anonymous continues to target Russian organizations and private foreign businesses the are still operating in the country. The popular collective claims to have hacked the Russian investment firm Thozis Corp, which is owned by the oligarch Zakhar Smushkin.

The hacktivists have stolen thousands of internal email and shared it with the data leak platform DDoSecrets. At this time 5,500 emails from Thozis Corp., were available online, some of them containing sensitive information about deals and investments of the firm.

“5,500 emails from Thozis Corp., a Russian investment firm owned by Zakhar Smushkin (number 2,674 on Forbes’ billionaire list), which is involved in the project to build the Yuzhny satellite city in Saint Petersburg.” states DDoSecrets. “One of the largest development projects in Russia, it was approved by the Russian government as a priority investment as part of the 2020 Strategy and receives government support.”

Anonymous continues to threaten international businesses that are still active in Russia and Belarus, recently Canadian oilfield services company Calfrac Well Services has suspended investments in the country canceled the supply of equipment, while Decathlon announced the closure of its stores in Russia.

However, in this tumultuous context, there is a high risk that some threat actors could abuse the name of Anonymous to carry out attacks never launched by the collective and conduct false flag operations.

Recently the Russian Civil Aviation Authority (Rosaviatsia) was hacked and attackers wiped 65 terabytes worth of data from the agency’s infrastructure.

Anonymous quickly denied the hacking of the Russian Civil Aviation Authority that released a statement to blaming the incident on the malfunction of the electronic document flow system and the lack of access to the internet.

“Due to temporary lack of access to Internet and malfunction of the electronic document flow system of Rosaviatsia the Federal Agency for Air Transport is switching to the paper version. The document flow procedure is being determined by the current records management instructions,” the translated statement published by IBTimes said. “Information exchange will be carried out via AFTN channel (for urgent short message) and postal mail. Please make this information available to all Civil Aviation Organizations,”

The agency did not confirm if the incident was carried out by threat actors, the AviationHerald reported that the attack hack in Rosaviasta was “presumably carried out by the Anonymous Hacking Group.” 

It is not clear how it is possible to erase a so huge volume of data accidentally.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Anonymous)

[adrotate banner=”5″]

[adrotate banner=”13″]