Pierluigi Paganini October 29, 2016

Hackers of the Cyber Hunta collective leaked thousands of emails allegedly stolen from the account of Vladislav Yuryevich Surkov.

Last week a Russian government website was hacked by the Jester hacker who defaced the website of the Russian Ministry of Foreign Affairs, MID.ru in retaliation for the recent attacks against US targets.

This week a Ukrainian hacker collective called “Cyber Hunta” released a cache of emails linked to the Kremlin’s Vladislav Surkov, also known as the grey cardinal.

Cyber Hunta is a group of hacktivists operates against threat actors from the outside and “internal enemies.”

The group claims to have access breached the internal networks of the Russian presidential administration and the Parliament.

Experts from the Atlantic Council’s Digital Forensic Research Lab who analyzed the Surkov leaks confirmed that email account hacked by the attackers, prm_surkova@gov.ru, was apparently managed by Surkov’s assistants.

“The hacked inbox was for prm_surkova@gov.ru, which was handled by his secretaries or assistants, including a “Masha” (Mariya) and “Yevgenia” (last names unclear). The majority of the emails are briefings from Surkov’s assistants, such as Aleksandr Pavlov. ” states the Atlantic Council’s Digital Forensic Research Lab.

On the other side, the Russian Government denied that the leaked emails belong to Surkov as he did not use email.

According to the Ukrainian security service, the SBU, the leaked emails are genuine, the Associated Press who analyzed the leaked email share the same opinion.

The Ukranian hacker leaked a 1 Gb Outlook data file (.pst) containing 2,337 messages. Some messages contain information about the current internal political developments in the Republic of Abkhazia, Republic of South Ossetia, Ukraine, and the Republic of Moldova.

The precious archive includes email messages related to the war in Donbass, including government expense data and a list of casualties. The messages also show connections between the pro-Russia separatists in eastern Ukraine and Russian government and pro-Russia separatists that operated in the area to destabilize the Ukrainian government.

Who is behind the Cyber Hunta? In the group linked to some governments that is opposite to the Kremlin? Which one?

Perhaps in time we will have some answers.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Cyber Hunta, data breach)