Hackers stole a database of Russian prisoners to avenge Navalny’s death

(CNN) — Hours after opposition leader Alexei Navalny died in a Russian prison in February, a group of anti-Kremlin hackers demanded revenge.

Using their access to a computer network connected to the Russian prison system, the hackers posted a photo of Navalny on a hacked prison contractor’s website, according to interviews with the hackers, screenshots and data reviewed by CNN.

“Long live Alexei Navalny!” Read a message on the hacked website, which had a photo of Navalny and his wife Yulia at a political rally.

This screenshot, provided to CNN by the hackers who claimed responsibility, shows a website linked to the hacked Russian prison system, displaying messages of support for the late Russian opposition leader Alexei Navalny.

In a stunning security breach, they also appear to have stolen a database containing information on hundreds of thousands of Russian prisoners and their relatives and contacts, including data on inmates at the Arctic penal colony where Navalny died on February 16, according to the hackers. .

Hackers claiming to be of different nationalities, including Russian and Ukrainian foreigners, have been sharing data including phone numbers and email addresses of prisoners and their relatives, “in the hope that someone can contact them.” with them and helps to understand. What happened to Navalny,” a hacker who claimed to be involved in the leak told CNN.

In addition, hackers used their access to the Russian prison system’s online commissary, where family members buy food for inmates, to change the prices of products such as noodles and canned meat to one ruble, which is equivalent to about $0.01. Screenshots and online store shopping videos posted by hackers.

Usually, those products cost more than a dollar.

It took the administrator of the prison’s online store several hours to realize that the Russians were buying food for pennies, a hacker involved. And it took three days before the jail store’s IT staff could completely block the discount offered by the hacker, according to his account.

“We were looking at (online store access logs) and it kept moving faster and faster with more and more customers making purchases,” the hacker said in an online chat while providing data to CNN that he was involved in the hacking.

The hackers claim that the database contains information on about 800,000 prisoners and their families and contacts. A review of the data by CNN found several duplicate entries in the database, which still contains information on millions of people. CNN was able to match the names of several prisoners in screenshots shared by the hackers with PEOPLE, who, according to public records, are currently in Russian prisons.

The jail online store that the hackers appear to have tapped into is owned by the Russian state and officially known as JSC Kaluzhskoe, according to Russian business records reviewed by CNN. JSC Kaluzhskoe serves 34 regions of Russia.

CNN has requested comment from JSC Kaluzhskoe, Russia’s Federal Penitentiary Service (known as FSIN) and individual administrators of the websites the hackers claim.

On February 19, a day after hackers defaced the website and replaced it with a photo of Navalny, JSC Kaluzsko posted on the Russian social media platform VK that it had experienced a “technical glitch” that caused “prices of food and basic necessities” to drop. was gone Be reflected “wrongly”.

Tom Hagel, a cybersecurity expert with experience analyzing data dumps, said the leaked data showed every indication of being authentic and originating from a hacked prison store.

The hackers “clearly had complete access to everything,” said Hagel, who is a senior risk researcher at US cybersecurity firm SentinelOne. “The number of images captured and the data provided is quite complete.”

A new chapter of ‘hacktivism’

The hacking group sent notes to administrators of the jail’s online store, warning them not to remove pro-Naval messages from the website. When the website’s administrators refused, the hackers retaliated by destroying one of the administrators’ computer servers, the hacker claimed.

Navalny, a charismatic political leader who denounced Russian government corruption, died under mysterious circumstances on February 16 in a prison in the Yamalo-Nenets region, about 1,900 kilometers northeast of Moscow. The United States holds Russian President Vladimir Putin responsible for Navalny’s death, President Joe Biden has said.

Politically motivated hacking, or “hacktivism”, has been rampant for more than two years since Russia’s full-scale invasion of Ukraine. In the days following the attack, a Ukrainian retaliated by leaking internal data from a Russian ransomware gang that showed the group’s alleged ties to Russian intelligence.

Pro-Ukrainian hackers of various stripes have joined the fray, claiming responsibility for attacks against a Russian Internet provider, for example, and against websites that broadcast high-profile speeches by Putin last year.

SentinelOne researcher Hagel said the war in Ukraine has “definitely opened a new chapter in the use of hacktivism, which is unprecedented on its current scale.” “Hacktivism has emerged as a powerful tool for various groups to express their perspectives, rally support for their nations, attack perceived opponents, and attempt to influence the course of war.”

The prison’s online store was hacked with messages from people identifying themselves as Russian exiles.

“We, the IT experts, are leaving today’s Russia,” read a message in Russian on one of the prison store’s websites, according to a Feb. 18 screenshot of the website reviewed by CNN. “We love our country and we will return when it is free from Putin’s rule. And we will go all the way this way.”

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button