// Privacy NEWS // Russian Secret Services Want to Deanonymize the Tor Network

2년 전

Hackers attacking a Russian secret service subcontractor have discovered several projects including Nautilus-S, an attempt to reveal the identity of Tor network users.


While the Russian authorities are often highlighted as sponsors of piracy, they can also become a target. And today, it is one of its IT subcontractors, SyTech, that paid the price for the 0v1ru$ hacker group.

Far from raising state secrets, this data theft operation - 7.5 TB nevertheless - has uncovered IT projects of the FSB, the Russian secret services, for which SyTech works through the Quantum Research Institute.

0v1ru$ - The 0v1ru$ hackers left a small souvenir on the cover page of SyTech's website

Among the various projects that BBC journalists have been able to get their hands on - the "white knight" pirates and so the Nautilus-S.

Tor is a decentralized computer network that has the particularity of (partially) anonymizing traffic. Blessed bread for many user profiles, from minorities to activists, journalists and other citizens under surveillance - and of course, criminals of all kinds.

Tor is widely used in Russia, with citizens of the federation even being the second largest users of the network after the Iranians.

This poses a problem for the FSB, which does not like to see people evading state surveillance.

Capture d’écran (64).png

The "Nautilus-S" project is not new since it dates back to 2012. Based on compromised connection nodes, it had even been highlighted by researchers at Karlstad University in Sweden in 2014, detailing attempts to decrypt these "spy servers".

But this is the first time the press has had original files attesting to the Russian origin of the attack on Tor.

And not only: in the 7.5 TB of files, hackers have identified many of the projects SyTech is working on:

  • Nautilus: a project to collect data on social network users (Facebook, LinkedIn, etc.).

  • Nautilus-S: the project to deanonymize Tor traffic via infected servers.

  • Reward: project to infiltrate P2P networks such as BitTorrent.

  • Mentor: project to monitor and search for e-mails on Russian company servers.

  • Hope: research project on the topology of the Russian Internet and how it connects to networks in other countries.

  • Tax-3: a project to create a closed intranet that stores data from senior state officials, from judges to local government officials. A network that would be separate from the traditional network infrastructure.

Russia has clearly announced that it wants a sovereign network that will limit foreign espionage by keeping Russian connections within the territory, but also isolate itself in the event of a foreign attack... and keep its users under its control.

With the current tensions between the Western world and Russia, as well as the many spy scandals it is quite legitimate for a state's services to consider protecting themselves.

The problem for Russian citizens is that these devices can also be used as a means of compartmentalizing - and thus isolating - the population from the "international" Internet. We're not that far from the Iron Curtain....

Source: BBC Russia (in Russian) via ZDnet

Stay Informed, Stay Safe



Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!