Anonymous attacks many organizations in Russia | Share To World

Saturday, March 12, 2022

Anonymous attacks many organizations in Russia

  Prak Vichet       Saturday, March 12, 2022

Data belonging to many organizations in Russia was deleted by Anonymous hacker groups, or renamed to a message calling for a cessation of conflict.

Security researchers from website-building platform Website Planet estimate that the Anonymous hacker group and its affiliates have infiltrated most of the cloud databases, belonging to various organizations in Russia. These systems, which are not properly configured, are easily accessed from the outside without authentication.

Jeremiah Fowler, an American security researcher living in Ukraine, author of a blog post on Website Planet, said that when randomly checking 100 poorly secured Russian databases, at least 92 systems were compromised.

In many cases, hackers penetrated in a manner similar to the MeowBot attack, finding and deleting vulnerable databases without warning. In 2020, more than 11,000 databases were deleted by this attack.

One of the compromised data came from the Community of Independent States (CIS) website, hundreds of folders were renamed "putin_stop_this_war". Another piece of data, belonging to the Russian carrier Green Dot, contains encryption keys whose server address is mail.ru.

Many of the compromised data also contained email addresses and administrative accounts with a very poor level of security. In addition, other amounts of data contained more than 270,000 so-called "users" including email addresses, names, internal codes and administrative accounts. This could make employees of many organizations the next target of data theft attacks, Fowler warns.

Large amounts of unsecured data have been deleted or renamed to something like "putin_stop_this_war", "no_war", "HackedbyUkraine" or cheering messages in Ukrainian.

According to HackRead, it's not too difficult to identify a poorly secured database. Tools like Shodan or Censys can continuously search the database with credentials. As of July 2020, 9,517 vulnerable databases have been identified. At that time, 51% of databases could be found on Elasticsearch, and 49% were on MongoDB.

Russian organizations have become targets of cyber attacks, especially Anonymous hackers, after President Vladimir Putin launched an attack on Ukraine on February 24. On Twitter, Anonymous has declared a "cyber war" against the Russian government.

At the end of February, Anonymous took down the website of the Russian-backed RT TV channel with a distributed denial of service (DDoS) attack technique. The hacker group's Twitter posts sided with Ukraine.

On February 26, this group of hackers announced that they had hacked the website of the Russian Defense Ministry, stealing a lot of data including phone numbers, emails and account login passwords of some officials.

On March 3, the v0g3lSec hacker group, affiliated with Anonymous, said it had penetrated the website of the Russian Space Research Institute (IKI), leaking a lot of data believed to belong to the Russian Space Agency (Roscosmos). Earlier, the NB65 branch of Anonymous announced to disable the satellite control system of the Russian Space Agency (Roscosmos). However, Director Rogozin denied that this organization was hacked.

Source: ZingNews

logoblog

Thanks for reading Anonymous attacks many organizations in Russia

Previous
« Prev Post

No comments:

Post a Comment