Pierluigi Paganini April 20, 2022

The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations.

Anonymous and groups linked to the famous collective continues to target Russian organizations, the hacktivist are breaching their systems and leak stolen data online.

Below the organizations breached in the last three days, since my previous update:

• Tendertech is a firm specializing in processing financial and banking documents on behalf of businesses and entrepreneurs. The list of the partner banks of the firms includes Transcapitalbank, Bank Uralsib, Bank Soyuz, RGS Bank, Bank ZENIT and Otkritie Bank. Anonymous claims to have stolen 426,000 emails and leaked an archive of 160 GB in size.
• GUOV i GS – General Dept. of Troops and Civil Construction is a construction company that works on projects in the interests of the Russian Ministry of Defense. “GUOV i GS” is wholly owned by the Russian Ministry of Defense through JSC Garnizon (formerly Oboronservis) and JSC GUOV / ГУОВ, the Main Directorate for the Arrangement of Troops with 49% and 51% shares, respectively. Anonymous claims to have stolen 15,600 emails and leaked an archive of 9.5 GB in size.
• Synesis Surveillance System – Anonymous claims to have hacked the Synesis and Kipod surveillance systems. Synesis is under US sanctions due to Russia’s invasion of Ukraine. According to DDoSecrets, data was gathered in August 2020. It was leaked now in response to the Belarusian government taking control of the system. According to a statement on the company’s website, the transition of control of the system will result in the end of the Kipod software.
• Neocom Geoservice is an engineering firm specializing in exploring oil and gas fields and providing drilling support. Their primary clients include Gazprom, Orenburgneft, Samotlorneftegaz, Tyumenneftegaz, and Rospan International. Anonymous claims to have stolen 87,500 emails and leaked an archive of 107 GB in size.
• Gazregion is a construction company specializing in gas pipelines and facilities. Gazregion’s clients include Gazprom, and has thousands of kilometers of pipelines as part of the Russian Federation’s program to transport gas throughout the different regions. Three different hacktivist sources (Anonymous, NB65, Porteur) submitted files from Gazregion at approximately the same time, with some overlap. The hacktivists leaked a 222 GB in size, containing emails, files and decryption keys.

The Anonymous-linked group ‘GhostSec’ (@GS_M4F14) announced to have gained access to the IT system of Metrospetstekhnika, which is the provider of ‘every metro in Russia and threatens to disrupt its operations.

One of the most active hacking crew, the Network Battalion 65, also claimed to have hacked another Russian bank, JSC Bank PSCB. The hackers said that they had access to credentials stored in the Chrome web browser.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Anonymous)

[adrotate banner=”5″]

[adrotate banner=”13″]