Twitter Thread: For first time in internet history Russia is fair game for cyber attacks, and this is what it looks like

Posted April 19, 2022 in twitter-threads

Background: This is an archived Twitter thread. For more information, read: Elon banned me from Twitter for doing journalism. Good riddance.

Original URL of Twitter thread: https://twitter.com/micahflee/status/1516521193808875527

I don't think people fully appreciate just how much, after invading Ukraine, people are hacking Russia. There are multiple hacks a week and it's only increasing. For first time in internet history Russia is fair game for cyber attacks, and this is what it looks like 🧵

Posted 1:56 PM · Apr 19, 2022, 9,402 Retweets, 39.8K Likes

Distributed Denial of Secrets has been archiving these dumps and making them torrents. DDoSecrets has been around for a few years but made a big splash in 2020, during BLM protests by publishing hacked data on hundreds of US local/federal police sites https://theintercept.com/2020/08/17/blueleaks-california-ncric-black-lives-matter-protesters/

Posted 1:56 PM · Apr 19, 2022, 628 Retweets, 4,574 Likes

Twitter permanently banned the @DDoSecrets account then, and also took the extraordinary step of banning links to ddosecrets dot com itself. Go ahead and try tweeting that URL, it won't work. Anyway, DDoSecrets has 7 Russian datasets from March and another 20 from April (so far)

Posted 1:56 PM · Apr 19, 2022, 596 Retweets, 4,369 Likes

• 817gb from Roskomnadzor, agency that monitors and censors mass media (!)
• 79gb from Transneft, world's largest oil pipline company, state-controlled
• 15gb from Rosatom, the state nuclear energy agency and major exported of uranium
• 2.4gb from RostProekt, a construction company

Posted 1:56 PM · Apr 19, 2022, 521 Retweets, 3,994 Likes

• 110gb from MashOil, manufacturer for drilling, mining, and fracking industries
• 22gb from the Central Bank of Russia
• 5.9gb from Thoriz Corp, investment firm owned by an oligarch billionaire
• 52gb from Marathon Group, another investment first owned by another oligarch

Posted 1:56 PM · Apr 19, 2022, 384 Retweets, 3,297 Likes

• 15gb from the Russian Orthodox Church's charitable wing
• 65gb from Central Legal Services, mostly emails
• 483gb from Mosekspertiza, state-owned firm
• 786gb from VGTRK, state-owned broadcaster that runs dozens of TV/radio stations (!)
• 244gb from Petrofort

Posted 1:56 PM · Apr 19, 2022, 365 Retweets, 3,153 Likes

• 145gb from Aerogas, oil and gas industry
• 35gb from Forest, logging firm
• 116gb from Tver Governor's office, appointed by Putin
• 150gb from the city of Blagoveshchensk

Posted 1:56 PM · Apr 19, 2022, 302 Retweets, 2,800 Likes

Whew... there's still a lot more. It's going to take months and years to look through all of this data. It's hard to picture how this will affect Russia going forward. It's massive.

Posted 1:56 PM · Apr 19, 2022, 380 Retweets, 3,768 Likes

• 446gb from the Ministry of Culture (!)
• 221gb from the education department of Strezhevoy
• 440gb from Technotec, oil and gas industry
• 726gb from Gazprom, oil and gas manufacturer
• 400gb from Continent Express, travel agency

Posted 1:56 PM · Apr 19, 2022, 319 Retweets, 2,902 Likes

• 222gb from Gazregion, construction company that does gas pipelines (hacked by 3 different hacktivists at the same time lol)
• 107gb from Neocom Geoservice, oil, gas, and drilling engineering

Posted 1:56 PM · Apr 19, 2022, 272 Retweets, 2,643 Likes

• 1.2gb from Synesis Surveillance System
• 9.5gb from General Dept of Troops and Civil Construction (works with ministry of defense)
• 160gb from Tendertech, financial and banking processing firm

Posted 1:56 PM · Apr 19, 2022, 263 Retweets, 2,490 Likes

Those last four datasets: those were from TODAY. I know there are several more in the DDoSecrets backlog as well. It's insane.

Posted 1:56 PM · Apr 19, 2022, 245 Retweets, 3,241 Likes

This isn't all that DDoSecrets does at all. It's just been particularly slammed by hacktivism against Russia since the illegal invasion of Ukraine. Here's a great overview from @illegaldaydream, a member of the collective https://backdrifting.net/post/057_what_is_ddosecrets

Posted 1:56 PM · Apr 19, 2022, 452 Retweets, 2,954 Likes

After January 6, DDoSecrets published 5gb of hacked data from the Oath Keeper militia and shared it privately with journalists, which triggered dozens of investigations around the country https://www.npr.org/2021/11/05/1052098059/active-duty-police-in-major-u-s-cities-appear-on-purported-oath-keepers-rosters

Posted 1:56 PM · Apr 19, 2022, 751 Retweets, 4,409 Likes

During the far right anti-vax Canadian "Freedom Convoy", a hacktivist hacked the far right fundraising site GiveSendGo and leaked all their data to DDoSecrets, which shared with journalists. This also triggered dozens of news articles https://theintercept.com/2022/02/17/freedom-convoy-givesendgo-canada-oath-keepers-funding/

Posted 1:56 PM · Apr 19, 2022, 516 Retweets, 3,603 Likes

Even since Russia's war against Ukraine started, DDoSecrets published 4TB of data from "Mining Secrets", a major collaboration of 65 journalists and 20 newsrooms https://forbiddenstories.org/case/mining-secrets/

Posted 1:56 PM · Apr 19, 2022, 455 Retweets, 3,000 Likes

Anyway, I've been working on downloading as much of the hacked Russian data as I can and making it searchable for Russian-speaking journalists. If you have the time and tech skills, you should too! The data is available to everyone

Posted 1:57 PM · Apr 19, 2022, 498 Retweets, 3,395 Likes

And if you want to support DDoSecrets, go to ddosecrets dot com and click "Donate" on the left. The collective works on a shoestring budget, doesn't get paid, and spends very little time fundraising because they're too busy with everyone hacking Russia

Posted 1:57 PM · Apr 19, 2022, 477 Retweets, 3,024 Likes

TODAY DDoSecrets released two new hacked Russian datasets:

• 130gb from Worldwide Invest, investment firm
• 432gb from Sawatzky, property management firm with lots of big clients

Posted 3:18 PM · Apr 20, 2022, 79 Retweets, 532 Likes

The section on the DDoSecrets Wikipedia page for its 2022 releases is woefully out of date, if anyone wants to improve it https://en.wikipedia.org/wiki/Distributed_Denial_of_Secrets

Posted 5:02 PM · Apr 20, 2022, 47 Retweets, 363 Likes

Another release today:

• 211gb from Accent Capital, a commercial real-estate investment firm

Posted 11:10 AM · Apr 21, 2022, 9 Retweets, 121 Likes

I wrote an article about how hacktivists are bombarding Russia with an Unprecedented onslaught of cyberattacks https://theintercept.com/2022/04/22/russia-hackers-leaked-data-ukraine-war/

Posted 1:43 PM · Apr 22, 2022, 31 Retweets, 96 Likes

Another day, another few hundred gigs of hacked emails from a Russian company. Today DDoSecrets published 432gb of data from Enerpred, the largest producer of hydraulic tools in Russia that works in energy, petrochemical, coal, gas and construction

Posted 1:50 PM · Apr 22, 2022, 6 Retweets, 59 Likes

1.1 terabytes (!) of email from ALET / АЛЕТ, a customs broker for companies in the fuel and energy industries, handling exports and customs declarations for coal, crude oil, liquefied gases and petroleum products

Posted 10:17 AM · Apr 25, 2022, 3 Retweets, 39 Likes

More hacks in the last few days:

• 554gb of data from Petersburg Social Commercial Bank
• 1.7tb (terabytes!) from Elektrocentromontazh, Russia's primary electricity utility

Posted 5:02 PM · Apr 29, 2022, 6 Retweets, 20 Likes

The first hacked Russian dataset in May: 20gb of data from LLC Capital, a Russian accounting firm

Posted 3:04 PM · May 4, 2022, 5 Retweets, 14 Likes