Hacktivists of the Russian Cyber Command (Rucyborg) group have announced another data leak. This time, they’ve targeted the Russian Industrial Investment Fund, a semi-governmental investment company established by a decree of the president of Russia.
“Today we aren’t going to say much, since we aint got nothing to say pretty much, except that Putin has lost his mind. Russian Industrial Investment Fund is one of the biggest Russian ‘non-profit’ as they declare organization but they attract investments into Russian economy,” the hackers wrote on Cyber Guerilla next to links to the leaked data.
They claim to have stolen information from the personal computer of the organization’s president, Alexandr Bagnuk. They say the leaked documents contain information on “critical Russian business operations and shadow banking.”
A total of over 900 Mb of information (750 Mb compressed split up into two files) has been leaked. The hackers have also published a preview consisting of 39 images on imgur.com. A total of 1,400 documents, spreadsheets, image files, archives, PowerPoint presentations and videos have apparently been stolen.
Most of the documents are written in Russian, but there are some in English. The files published by Rucyborg also include a copy of Bagnuk’s ID card.
A lot of other Russian organizations are on the hacktivist group’s list of targets. It remains to be seen which one of them is next.
There are a lot of cyber operations surrounding Russia these days and Rucyborg’s attacks are only a small part of the whole picture.
Last week, Rucyborg leaked files from the systems of SearchInform, a Russian company with apparent ties to the FSB. The same group has also stolen data from Rosoboronexport, a major defense-related imports and exports company.
Russia has also been targeted by hackers shortly after authorities decided to block several news websites at ISP level. The blocked websites are known for criticizing Russian President Vladimir Putin, but officially, this doesn’t have anything to do with the decision.
In response to the blockade, a number of government websites, including the one of the Kremlin, were disrupted with DDOS attacks.
While no hacktivist groups appear to show support for Russia, at least not directly, one of the country’s intelligence agencies is suspected of developing a piece of malware that has been used in numerous cyber espionage operations.
This year, the campaign, which has been dubbed “Snake,” has mainly targeted Ukraine. The infections coincide with Russia’s invasion of Crimea, so the cyberattacks might have been part of an intelligence gathering operation by the Russian government.