The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Russia

Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks

Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks

March 03, 2022Ravie Lakshmanan
As the ongoing Russia-Ukraine conflict continues to escalate, the Russian government on Thursday  released  a massive list containing 17,576 IP addresses and 166 domains that it said are behind a series of distributed denial-of-service (DDoS) attacks aimed at its domestic infrastructure. Some of the noticeable domains in the listing released by Russia's National Coordination Center for Computer Incidents (NCCCI) included the U.S. Federal Bureau of Investigation (FBI), Central Intelligence Agency (CIA), and websites of several media publications such as the USA Today, 24News.ge, megatv.ge, and Ukraine's Korrespondent magazine. As part of its recommendations to counter the DDoS attacks, the agency is urging organizations to ringfence network devices, enable logging, change passwords associated with key infrastructure elements, turn off automatic software updates, disable third-party plugins on websites, enforce data backups, and watch out for phishing attacks. "Use Russ
Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides

February 25, 2022Ravie Lakshmanan
Ukraine's Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia's military invasion of the country. "Mass  phishing emails  have recently been observed targeting private 'i.ua' and 'meta.ua' accounts of Ukrainian military personnel and related individuals," the CERT-UA  said . "After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages." Subsequently, the attacks leverage the contact information stored in the victim's address book to propagate the phishing messages to other targets. The Ukrainian government attributed the activities to a threat actor tracked as UNC1151, a Minsk-based group whose "members are officers of the Ministry of Defence of the Republic of Belarus." In a follow-up  update , the agency said the nation-state group a
U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine

U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine

January 21, 2022Ravie Lakshmanan
The U.S. Treasury Department on Thursday announced sanctions against four current and former Ukrainian government officials for engaging in "Russian government-directed influence activities" in the country, including gathering sensitive information about its critical infrastructure. The agency said the four individuals were involved in different roles as part of a concerted influence campaign to destabilize the nation, while also accusing Russia's national security authority, the Federal Security Service (FSB), of recruiting Ukrainians in key positions to create instability. Two of the officials, Taras Kozak and Oleh Voloshyn, are alleged to have worked to amplify false narratives and undermine confidence in the Ukrainian government, while Vladimir Sivkovich, former Deputy Secretary of the Ukrainian National Security and Defense Council, attempted to build support for Ukraine to officially cede Crimea to Russia. "Russia has directed its intelligence services to
Russia Blocks Tor Privacy Service in Latest Censorship Move

Russia Blocks Tor Privacy Service in Latest Censorship Move

December 10, 2021Ravie Lakshmanan
Russia has stepped up its censorship efforts in the country by fully blocking access to the Tor web anonymity service, coinciding with the  ban  of six virtual private network (VPN) operators, as the government continues its efforts to control the internet and crack down on attempts to circumvent locally imposed web restrictions. The Federal Service for Supervision of Communications, Information Technology and Mass Media, also known as Roskomnadzor, the watchdog responsible for monitoring, controlling and censoring Russian mass media, announced the block, accusing it of enabling access to illegal content, Reuters  reported  this week. Russia  accounts  for 15% of all Tor users, with more than 310,000 daily users, second only to the U.S. Tor, short for The Onion Router,  enables  users to automatically encrypt and reroute their web requests through a network of Tor relays for anonymizing network traffic, as well as help bypass censorship and protect their identities from the intern
Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

September 11, 2021Ravie Lakshmanan
Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called Mēris. The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests per second (RPS), dwarfing a recent botnet-powered attack that came to light last month,  bombarding  an unnamed Cloudflare customer in the financial industry with 17.2 million RPS. Russian DDoS mitigation service Qrator Labs, which disclosed details of the attack on Thursday, called  Mēris  — meaning "Plague" in the Latvian language — a "botnet of a new kind."  "It is also clear that this particular botnet is still growing. There is a suggestion that the botnet could grow in force through password brute-forcing, although we tend to neglect that as a slight possibility. That looks like some vulnerability that was either kept secret before the massive campaign&#
Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

September 24, 2019Wang Wei
Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace, producing highly specialized hacking techniques and toolkits for cyber espionage. Over the past three decades, many high profile hacking incidents—like hacking the US presidential elections , targeting a country with NotPetya ransomware , causing blackout in Ukrainian capital Kiev , and Pentagon breach—have been attributed to Russian hacking groups, including Fancy Bear  (Sofacy), Turla ,  Cozy Bear ,  Sandworm Team  and Berserk Bear. Besides continuously expanding its cyberwar capabilities, the ecosystem of Russian APT groups has also grown into a very complex structure, making it harder to understand who's who in Russian cyber espionage. Now to illustrate the big picture and mak
Russia Fines Facebook $47 Over Citizens' Data Privacy Dispute

Russia Fines Facebook $47 Over Citizens' Data Privacy Dispute

April 12, 2019Wang Wei
Yes, you read that right! Russia has fined Facebook with 3,000 rubles, roughly $47, for not complying with the country's controversial Data Localization law. It's bizarre and unbelievable, but true. In December last year, Russian Internet watchdog Roskomnadzor sent notifications to Twitter and Facebook asking them to provide information about the location of servers that store the personal data of its citizens. Roskomnadzor – also known as the Federal Service for Supervision in the Sphere of Telecom, Information Technologies, and Mass Communications – is Russian telecommunications watchdog that runs a huge blacklist of websites banned in Russia. Though the social media platforms had one month to reply, they choose not to disclose this information, as a result of which Moscow's Tagansky District Court imposed 3,000 rubles fine on Twitter last week and the same on Facebook today. The fine is the minimum that Russian courts can impose on companies for violatin
Russia to Fine Search Engines for Linking to Banned VPN services

Russia to Fine Search Engines for Linking to Banned VPN services

June 09, 2018Mohit Kumar
In its years-long efforts to censor the Internet by blocking access to a large number of websites in the country, Russia has now approved a new bill introducing fines for search engines that provide links to banned sites, VPN services , and anonymization tools . VPNs, or Virtual Private Networks , are third-party services that help users access block banned websites by encrypting users' Internet traffic and routing it through a distant connection, hiding their location data and access sites that are usually restricted or censored by a specific country. According to the amendments to the Code of Administrative Offenses of the Russian Federation, besides introducing fines for providing links to banned resources, the lower house of Russian parliament, the State Duma, will also impose fines on search engines if they fail to stop issuing links to resources providing up-to-date database of blocked domains upon users request. According to the bill, individuals who break the law
Russia Bans Proxy Services And VPNs To Purge Extremist Content

Russia Bans Proxy Services And VPNs To Purge Extremist Content

July 26, 2017Wang Wei
Earlier this year, China announced a crackdown on VPNs and proxy services in the country and made it mandatory for all VPN providers and leased cable lines operators to have a license from the government in order to use such services. Now, Russia is also considering to follow a similar path. The Russian Federation Council has just approved a bill that would outlaw the use of virtual private networks (VPNs), the Tor anonymity network, anonymous mobile messaging services and internet proxy services, citing concerns about the spread of extremist materials. VPNs are third-party services that help users access block banned websites by encrypting users' Internet traffic and routeing it through a distant connection, hiding their location data and access sites that are usually restricted or censored by a certain country. The bill to ban VPNs and proxy services has been passed by the lower house of Russian parliament, the State Duma, on Friday, and only needs to be approved by the u
Telegram Agrees to Register With Russia to Avoid Ban, But Won't Share User Data

Telegram Agrees to Register With Russia to Avoid Ban, But Won't Share User Data

June 29, 2017Mohit Kumar
After being threatened with a ban in Russia , end-to-end encrypted Telegram messaging app has finally agreed to register with new Russian Data Protection Laws, but its founder has assured that the company will not comply to share users' confidential data at any cost. Russia's communications watchdog Roskomnadzor had recently threatened to block Telegram if the service did not hand over information required to put the app on an official government list of information distributors. The Russian government requirement came following terrorists' suicide bombings that killed 15 people in Saint Petersburg in April in which terrorists allegedly used the Telegram 's app to communicate and plot attacks. "There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram," said Alexander Zharov, head of Roskomnadzor.  "And to officially send it to Roskomnadzor to include this data in the registry of organizers
Russia Threatens to Ban Telegram Messaging App, Says It Was Used By Terrorists

Russia Threatens to Ban Telegram Messaging App, Says It Was Used By Terrorists

June 26, 2017Mohit Kumar
Russia has threatened to ban Telegram end-to-end encrypted messaging app, after Pavel Durov, its founder, refused to sign up to the country's new data protection laws. Russian intelligence service, the FSB, said on Monday that the terrorists that killed 15 people in Saint Petersburg in April had used the Telegram encrypted messaging service to plot their attacks. According to the new Russian Data Protection Laws, as of January 1, all foreign tech companies have been required to store the past six months' of the personal data of its citizens and encryption keys within the country; which the company has to share with the authorities on demand. "There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram," Alexander Zharov said, head of communications regulator Roskomnadzor (state communications watchdog). "And to officially send it to Roskomnadzor to include this data in the registry of organizers of d
Trump Fires FBI Director Over Clinton Probe, Amid Russia Investigation

Trump Fires FBI Director Over Clinton Probe, Amid Russia Investigation

May 10, 2017Swati Khandelwal
President Donald Trump has abruptly fired James Comey, the director of the Federal Bureau of Investigation (FBI) who was leading an investigation into alleged links between Trump and Russia. The White House announced on Tuesday that Comey was fired on the "clear recommendation" of Deputy Attorney General Rod Rosenstein and Attorney General Jeff Sessions, citing the reason that he was no longer able to lead the bureau effectively. "While I greatly appreciate you informing me, on three separate occasions, that I am not under investigation, I nevertheless concur with the judgment of the Department of Justice that you are not able to effectively lead the Bureau," Trump wrote in a termination letter to Comey. Later a memo from the US deputy attorney general Rod Rosenstein explained that Comey was fired as director of the FBI over mishandling of the inquiry into Hillary Clinton's emails, including his decision to close this investigation without prosecution .
Russian Court bans LinkedIn in Russia; Facebook and Twitter Could be Next

Russian Court bans LinkedIn in Russia; Facebook and Twitter Could be Next

November 12, 2016Swati Khandelwal
As reported late October, the world's largest online professional network LinkedIn is going to ban in Russia beginning Monday following a Moscow court decision this week that found Microsoft-owned LinkedIn to be in violation of the country's data protection laws. Here's why LinkedIn is facing ban in Russia: In July 2014, Russia approved amendments to the Russian Personal Data Law that came into force on 1st September 2015, under which foreign tech companies were required to store the personal data of its citizens within the country. Legislation put in place for protecting its citizens' data from the NSA's worldwide surveillance revealed by whistleblower Edward Snowden. The Russian state's federal media regulator, known as Roskomnadzor, is now threatening to block any company that stored its citizens' personal data on non-Russian servers. Facebook and Twitter could be Next to Get BLOCKED! Not just LinkedIn, even other bigger companies, includ
LinkedIn to get Banned in Russia for not Complying with Data Localization Law

LinkedIn to get Banned in Russia for not Complying with Data Localization Law

October 26, 2016Mohit Kumar
The world's largest online professional network LinkedIn could face a ban in Russia after the company has failed to comply with a Russian data localization law that compels companies to keep data on Russian users in their country. If you are not aware, LinkedIn is the only major social network which is not banned in China, because the company agreed to cooperate with the Chinese government and remove controversial content. However, LinkedIn could be the first social network in Russia to be blocked by the Russian state's federal media regulator, called Roskomnadzor, for not complying with the rules. In July 2014, the Russia approved amendments to the Russian Personal Data Law which came into force in 1st September 2015, under which foreign tech companies were required to store the personal data of its citizens within the country. However, Russia was not the first country to enforce such law on foreign tech companies. A few months ago, Iran also imposed new regulations
Breaking — Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI

Breaking — Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI

October 19, 2016Swati Khandelwal
The alleged Russian hacker arrested by the FBI in collaboration with the Czech police is none other than the hacker who was allegedly responsible for massive 2012 data breach at LinkedIn , which affected nearly 117 Million user accounts. Yevgeniy N , 29-year-old Russian hacker was arrested in Prague on October 5 suspected of participating in conducting cyber-attacks against the United States, according to Reuters . Earlier it was suspected that the hacker could be involved in hacking against the  Democratic National Committee  (DNC), or its presidential candidate Hillary Clinton , intended to influence the presidential election. However, the latest statement released by LinkedIn suggests that the arrest was related to a 2012 data breach at the social network that exposed emails and hashed password of nearly 117 Million users. "We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this
Russian Hacker who was wanted by FBI arrested in Prague

Russian Hacker who was wanted by FBI arrested in Prague

October 19, 2016Mohit Kumar
UPDATE — It Turns out that the Russian Hacker arrested by the FBI is responsible for 2012 LinkedIn Data Breach. ( Read latest update here ) Czech police, in cooperation with the FBI, has arrested a Russian citizen in Prague suspected of participating in conducting cyber-attacks against the United States. Czech police announced the arrest on its official website Tuesday evening, without giving any further details about the man and for what he is wanted for. Yevgeniy N , 29-year-old, alleged Russian Hacker, was arrested after Interpol issued a warrant. Police detained the individual at a hotel in the city's center 12 hours after receiving the order. Officials say he was living in the country with his girlfriend and enjoying a lavish lifestyle, driving expensive cars. Neither the Czech police nor the FBI has issued any details on the charges that led to the arrest of the suspect. "Czech police carried out a successful joint operation with the US Federal Bureau of
Russia Wants to Kick Foreign Tech Companies Out Of The Nation

Russia Wants to Kick Foreign Tech Companies Out Of The Nation

February 13, 2016Unknown
Someone wants to kick Microsoft, Google and Apple off from his land, but himself uses Gmail and Mac. The newly appointed Internet Tsar German Klemenko , who is the first internet advisor of Vladimir Putin , wants to kick off American Giants from Russia. In a 90-minute interview conducted by Bloomberg, Klemenko expressed his interest to vanish the presence of tech biggies of foreign countries from Russia. Google & Apple have to Pay 18% more VAT As part of this, Klemenko plans to hike the tax on foreign companies, including Google and Apple, by 18% VAT on their applications & services sold online. It is estimated that Apple, Google and other companies are nearly gaining RUB 300 Billion (£2.7 Billion, US$4 Billion) in revenue every year from Russia. "When you buy an app from Google Play or the App Store anywhere in Europe, VAT is charged at the place of payment, but not here in our banana republic," says Klemenko. The proposed movement wi
Breaking - Edward Snowden Get 3 More Years In Russia

Breaking - Edward Snowden Get 3 More Years In Russia

August 07, 2014Swati Khandelwal
The individual responsible for one of the most significant leaks in US political history is Edward Snowden, a 31-year-old global surveillance whistleblower and former U.S. intelligence contractor, who has received a three- year residence permit from Russia, his lawyer announced on Today. " On the first of August he received a three-year residence permit, " lawyer Anatoly Kucherena told RT . He had not asked for political asylum, his lawyer added. The former NSA contractor has not apply for Russian citizenship for now, as he will be able to apply for the Russian citizenship in five years. " A foreign citizen, who got a residence permit, will certainly be able to apply for citizenship, " Kucherena said. " He will be able to travel freely within the country and go abroad. He'll be able to stay abroad for not longer than three months ," Kucherena said. Snowden is responsible for handing over material from one of the world's most secretive organisations the NSA. The
Russian Facebook 'VKontakte' Dramatically Fires Original Founder 'Pavel Durov'

Russian Facebook 'VKontakte' Dramatically Fires Original Founder 'Pavel Durov'

April 22, 2014Mohit Kumar
Yesterday reports revealed that Pavel Durov , the 29-year-old founder of Russia's most popular social networking site VKontakte (VK) - Russia's Facebook, had been fired from his post of general director of Vkontakte. On monday, Durov said that the social networking site VK is now under the complete control of two close allies of President Vladimir Putin. Publicly announcing his firing on his VK page he said, " In this way, today VKontakte goes under the complete control of Igor Sechin and Alisher Usmanov. Probably, in the Russian context, something like this was inevitable, but I'm happy we lasted seven and a half years. We did a lot. And part of what's been done can't be turned back. " Last Month on 21st March, the 29-year-old entrepreneur announced submitted his resignation, but earlier this month that he had rescinded his resignation as the company's CEO because it was an April Fool Prank, but unfortunately he supposedly failed to properly withdraw befor
Stuxnet also infected the internal network of a Russian nuclear plant

Stuxnet also infected the internal network of a Russian nuclear plant

November 10, 2013Anonymous
We have a lot of information on Stuxnet virus, a powerful malware that for the first time has shown to governments the capabilities and efficiency of a cyber weapon. Eugene Kaspersky, CEO of Kasperky security firm revealed that Stuxnet had badly infected the internal network of a Russian nuclear plant, according to the information he obtained from an unnamed staffer at the Nuclear Plant. " So unfortunately these people who were responsible for offensive technologies, they recognize cyber weapons as an opportunity ." Kaspersky said. During a presentation given at the Canberra Press Club, Kaspersky provided an excellent overview on the security of cyberspace, in particular highlighting the effect of the activities of state-sponsored espionage and cyber crime. " All the data is stolen, " Kaspersky said. " At least twice ." The malware Stuxnet is widely considered to have been developed by the US Government in a joint work with Israel c
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.