Anonymous hacked other Russian organizations, some of the breaches could be severe
The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations.
Anonymous and groups linked to the famous collective continues to target Russian organizations, the hacktivist are breaching their systems and leak stolen data online.
Below the organizations breached in the last three days, since my previous update:
Tendertech is a firm specializing in processing financial and banking documents on behalf of businesses and entrepreneurs. The list of the partner banks of the firms includes Transcapitalbank, Bank Uralsib, Bank Soyuz, RGS Bank, Bank ZENIT and Otkritie Bank. Anonymous claims to have stolen 426,000 emails and leaked an archive of 160 GB in size.
GUOV i GS – General Dept. of Troops and Civil Construction is a construction company that works on projects in the interests of the Russian Ministry of Defense. “GUOV i GS” is wholly owned by the Russian Ministry of Defense through JSC Garnizon (formerly Oboronservis) and JSC GUOV / ГУОВ, the Main Directorate for the Arrangement of Troops with 49% and 51% shares, respectively. Anonymous claims to have stolen 15,600 emails and leaked an archive of 9.5 GB in size.
Synesis Surveillance System – Anonymous claims to have hacked the Synesis and Kipod surveillance systems. Synesis is under US sanctions due to Russia’s invasion of Ukraine. According to DDoSecrets, data was gathered in August 2020. It was leaked now in response to the Belarusian government taking control of the system. According to a statement on the company’s website, the transition of control of the system will result in the end of the Kipod software.
Neocom Geoservice is an engineering firm specializing in exploring oil and gas fields and providing drilling support. Their primary clients include Gazprom, Orenburgneft, Samotlorneftegaz, Tyumenneftegaz, and Rospan International. Anonymous claims to have stolen 87,500 emails and leaked an archive of 107 GB in size.
Gazregion is a construction company specializing in gas pipelines and facilities. Gazregion’s clients include Gazprom, and has thousands of kilometers of pipelines as part of the Russian Federation’s program to transport gas throughout the different regions. Three different hacktivist sources (Anonymous, NB65, Porteur) submitted files from Gazregion at approximately the same time, with some overlap. The hacktivists leaked a 222 GB in size, containing emails, files and decryption keys.
The Anonymous-linked group ‘GhostSec’ (@GS_M4F14) announced to have gained access to the IT system of Metrospetstekhnika, which is the provider of ‘every metro in Russia and threatens to disrupt its operations.
One of the most active hacking crew, the Network Battalion 65, also claimed to have hacked another Russian bank, JSC Bank PSCB. The hackers said that they had access to credentials stored in the Chrome web browser.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.