Hackers reportedly stole 7.5 TB of data from a contractor for the Russian intelligence service FSB, and revealed details on several of its activities or prospective projects, including the collecting of information on users of social media services, Tor and P2P networks.
The contractor, SyTech, has worked for FSB's
radio-electronic intelligence unit 71330 since 2009, according to a report from ZDNet, citing Russian media outlets, including BBC Russia.
The July 13 breach reportedly exposed details on "Nautilus," a plan to gather information on users of Facebook, MySpace, LinkedIn and similar services; "Nautilius-S," a project to deanonymize Tor traffic using Tor servers; and "Reward," a scheme to secretly penetrate P2P networks.
Other leaked projects included "Mentor," a plot to monitor email communications on Russian companies' servers; "Hope," a project to understand how the Russian internet connects to other countries' networks; and "Tax-3," a plan to create a closed intranet to store info on sensitive government officials and judges.
Nautilus-S and Hope were actually tested in the wild, while others may have never passed the research phase or may have been a service offered by SyTech that ultimately didn't find itself a customer, according to reports.
The hackers, who refer to themselves as 0v1ru$, reportedly gained access to SyTech's IT network by initially hacking into its Active Directory server. The hackers defaced the company website, posted screenshots on Twitter and even shared the data with fellow hacking group Digital Revolution, who in turn revealed even more details to Russian journalists and to the public via its own Twitter account.
BBC Russia report states that a review of leaked documents found that SyTech "performed work on at least 20 non-public IT projects ordered by Russian special services and departments. These papers do not contain state secrets or secrets."
SyTech reportedly took down its website after the hack and has not responded to media inquiries. The BBC also said that FSB did not respond to a request for comment.