Search This Blog

Showing posts with label Russia. Show all posts

A Russian-speaking hacker put up for sale the accounts of the heads of the world's largest companies

 A Russian-speaking hacker under the pseudonym Byte leaked passwords from the personal profiles of managers of many large companies in the world

Data for accessing the personal accounts of Microsoft's online services and the email addresses of several hundred senior executives are put up for sale on a Russian-language hacker forum.  This was done by a Russian-speaking hacker under the pseudonym Byte. The seller claims that he has hundreds of passwords of different top managers from all over the world. He is ready to confirm the authenticity of the data to the buyer.

Offer to sell credentials appeared on a private forum for Russian-speaking cybercriminals. The description states that you can purchase email addresses and passwords to access the accounts of Office 365 and other Microsoft services of presidents, their deputies, CEOs, and other high-ranking executives of companies from around the world.

Byte asks for each address from $100 to $1500, the price directly depends on the size of the company and the position held by the account owner.

An information security specialist entered into negotiations with the seller to confirm how relevant the database offered for sale is. For verification, he received the credentials of two accounts: the CEO of an American software development company and the CFO of a chain of retail stores in one of the EU countries. As a result of verification, he got access to the data of these people. 

The attacker did not disclose the source of the data but claims that it can provide access to hundreds of accounts.

Analysts at KELA reported that the person selling these credentials previously tried to purchase information collected from computers infected with the Azorult malware. It usually contains usernames and passwords that the program extracts from victims' browsers.

This incident once again highlights the need for better data protection. Two-factor authentication or 2FA is often recommended.

Group-IB presents patented-technologies to protect against cyber threats

The international company Group-IB presented its own patented technologies designed to identify hackers, search for threats on the Internet and investigate cybercrime

Using artificial intelligence technology, the patented system of Group-IB has helped Interpol identify members of the Nigerian hacking group TMT, which has attacked hundreds of thousands of private and state-owned companies in recent years.

In addition, Group-IB was involved in the Carding Action 2020 operation of Europol and the UK police, which aims to combat the illegal market for the sale of stolen bank cards. Using its own technologies, Group-IB analyzed and transmitted to the police data on 90 thousand compromised cards of clients of financial organizations in Europe. As a result, it was possible to prevent damage that could have been caused to European banks in the amount of 40 million euros.

"Law enforcement agencies effectively use our technology in cybercrime investigations to find criminals. There is a result, so our technologies work, "said Ilya Sachkov, founder and CEO of Group-IB.

Group-IB presented its solutions at the CyberCrimeCon 2020 cybersecurity conference. The Threat Intelligence&Attribution system, which has no analogs, saves all possible data about hackers, including those that were tried to delete, and sets detailed information about them, up to the identity of the criminals.

The second system, Threat Hunting Framework, is able to protect the entire company: from traditional IT networks to remote workplaces of employees. The AI system finds unknown threats and targeted attacks both inside and outside the protected perimeter, giving the security service the tools to properly respond to an incident.

All Group-IB technologies are integrated into a single system that automatically blocks attacks and immediately goes to specific criminals.

Russia was included in the list of countries with the most active hackers

The company Group-IB, which specializes in the disclosure of IT crimes, listed the countries from which cyber attacks are most often committed. This list includes China, Iran, North Korea, and Russia

Hacker attacks are most often carried out from China, Iran, North Korea and Russia, according to the report Hi Tech Crime Trends 2020 of the company Group-IB. The Asia-Pacific region was the most attacked in the second half of 2019 and the first half of 2020.

Groups of hackers associated with the security services are mainly concentrated in China, where they counted 23, in Iran — 8 groups, in North Korea and Russia — 4 groups, in India-3 groups, in Pakistan and the Gaza Strip-2 groups. Another one is in Vietnam, Turkey and South Korea. At the same time, their main area of interest is the Asia - Pacific region, as well as Europe.

According to a report, Russia and the United States were less likely to be attacked. So, 15 campaigns were conducted in the United States and 9 in Russia. They were attacked by groups from China, North Korea and Iran. Russia also recorded one attack by Kazakhstan's security services and the United States - from the Gaza Strip and Pakistan.

Experts note that the attacking teams are actively replenished with tools for attacks on physically isolated networks. So, this year, incidents occurred at nuclear facilities in Iran and India.

Another high-profile attack was a sabotage attempt in Israel, where water supply systems were targeted, where hackers tried to change the level of chlorine content. 

Russian expert warned about the dangers of password theft during video conferencing

Anton Kardanov, head of the information security sector at AT Consulting, warned that motion recognition systems can be used by cybercriminals to steal the personal data of users during video conferences. According to him, a special algorithm can read the movement of hands over the keyboard if they fall into the field of view of the camera, which poses risks to the user's privacy.

“The Artificial intelligence (AI) algorithm with high precision can restore the typed text if the video shows the movement of the arms and shoulders," said Mr. Kardanov.

It is reported that the program first removes the background and turns the image into gray tones, and then focuses on the hands — as a result, the algorithm leaves only the contours of the hands and shoulders and monitors their movements. They are used to restore the text typed on the keyboard.

Thus, an attacker can recognize passwords, passport data, Bank card numbers, and other information that the user types on the keyboard during a video call.

Meanwhile, Maxim Smirnov, commercial Director of IVA Technologies, believes that visual recognition of hand movements and, in particular, text typed on the keyboard is quite realistic, but developers will have to work hard on the quality and accuracy of the technology, which is not an easy task.

"Remote work and video conferences are our new reality, as well as new opportunities for fraudsters and new threats to users", said Sergey Zabula, head of the group of system engineers for working with partners, Check Point Software Technologies in Russia.

Earlier, Group-IB also reported possible attacks using motion recognition technology. According to the company, you can protect yourself from scammers by hiding important information from the camera's field of view.

The Ministry of Digital Development of the Russian Federation developing monitoring application to combat COVID-19

The Ministry of Digital Development, Communications and Mass Media of the Russian Federation (the Russian Ministry of Digital Development) will launch an application to track contacts of patients with COVID-19

The head of the Department Maksut Shadaev confirmed that the Ministry of Digital Development is completing testing of a mobile application under the name "Stopcoronavirus. My contacts". It will be used to track the social contacts of Russians to fight the coronavirus.

According to the app's video presentation, the Phone will scan a person's surroundings within a radius of up to ten meters. All contacts will be recorded anonymously on his device. If someone gets sick, the person who contacted them will receive a notification about the possible risk. A sick person will have to report their illness via the app. To do this, they will need to enter a special code. Presumably, it can be obtained only by passing a positive test for coronavirus. This is necessary in order to avoid false notifications.

It is reported that the information will be anonymous, the identity of the patient will not be disclosed. Data is automatically deleted after 14 days. According to the presentation, the app "cares not only about your health, but also about personal data, does not collect or give away any personal information."

Mr. Shadaev said that the use of the app will be " absolutely anonymous and safe." "No registration required — just install and activate it. At the same time, installing the app, as well as informing about the fact of the disease— is a voluntary matter, but the more users install it, the wider the coverage will be," he said.

The development was carried out by the Ministry of Digital Development in cooperation with the Moscow government, as well as "in partnership with Apple and Google". The app should be available in the App Store and Google Play soon.

It's worth noting that the app uses Bluetooth-based anonymous "coronavirus" monitoring technology, launched this year jointly by Apple and Google. Devices, iPhones or Android smartphones, will communicate with each other via the Bluetooth Low Energy (BLE) short-range protocol. Applications based on this technology are already working in many countries.

Banks offered the Central Bank of Russia to create a centralized mechanism to combat fraudsters

According to the Vice-President of the Association of Banks of Russia Alexey Voilukov, information processing can take several hours or even days, while a fraudster can withdraw money from the card within an hour.

President of the Association of Banks of Russia Georgy Luntovsky sent a letter to Vadim Uvarov, Director of the Information Security Department of the Bank of Russia, with a proposal to organize direct interaction between market participants in order to exchange data on suspicious transactions.

Now financial organizations use an automated system to inform the Regulator about all operations that have signs of being performed without the knowledge of customers. Then the Regulator accumulates all the collected data about attacks and returns them to banks in a consolidated form. According to Alexey Voilukov, information processing can take several hours or even days, while a fraudster can withdraw money from the card to which they were withdrawn within an hour. 

Mr. Voilukov noted that the creation of a centralized mechanism will speed up the exchange of information by about five times, and the time for providing information in some cases will be reduced to 20-30 minutes.

"For example, several people complained to the Bank about unauthorized transfers within an hour. It detects a fraudulent account and promptly sends information about it to the organizations from which the money was transferred. With a quick response, there is a chance to prevent theft," he explained Mr. Voilukov. According to him, this scheme of work will allow us to fight against fraudsters who work using social engineering methods.

The Central Bank told that they will study the proposals. VTB, MKB, Rosbank and Tinkoff support the Association of Banks of Russia initiative. VTB added that the system for exchanging information on incidents needs to be improved, as this will speed up and automate the processes of the rapid response of banks to fraudulent attacks.

Cyber criminals scam bank customers pretending to be from bank security

 Attackers call a potential victim and offer to install an app on their phone that "reliably protects money from theft." And then, with the help of this app, they steal the money from the card or get a loan on behalf of the victim.

According to Sergey Sherstobitov, head of the Angara information security integrator, fraud is committed using a malicious program that can intercept passwords when they are activated in banking applications. Then, with their help, the attackers can easily transfer funds to another account.

Dmitry Kuznetsov, head of methodology and standardization at Positive Technologies, warns that Bank employees never ask customers for card or account details.

The police do not exclude that such fraud may be widespread and asks Russians to remain vigilant.

According to the Central Bank, the activity of telephone scammers increased four times in the first six months of this year. In total, the regulator recorded more than 360 thousand unauthorized transactions with funds of Russians for a total of about 4 billion rubles ($51,8 million). Banks returned about 485 million rubles ($6 million) of stolen money to their clients.

The low percentage of refunds from the Bank is due to the fact that people, in fact, become victims of their own free will. After all, the client signs an agreement with the Bank that prohibits the transfer of confidential information about the Bank card to third parties, said lawyer Yakovlev.

However, it should be noted that the data of clients of Russian banks has risen in price on DarkNet. Ashot Hovhannisyan, the founder of the DLBI DarkNet search and monitoring service, explains that the increase in the cost of such services indicates a decrease in the number of offers on the market. This, in turn, means that credit institutions reduce the chances of hackers to steal data and increase security.

The Russian expert point out which smartphones are most vulnerable to surveillance

According to Anton Averin, Deputy Director of the Institute of Information Technologies of the Synergy University, if you wish and need, you can track almost any smartphone, both using standard utilities preinstalled on devices, and with the connection of specialized programs and other vulnerabilities. The most popular surveillance targets are Android devices.

"According to world statistics for 2020, the share of devices running Android OS is 70-71% and this indicator remains almost unchanged since almost all mobile device manufacturers use this operating system in their smartphones. Android devices are in demand among cybercriminals because of the great demand, as well as the availability vulnerabilities,” noted the expert.

With iOS devices, too, not everything is as good as it may seem. Although Apple positions its products as one of the most secure, they also have accidents. For example, there are periodic leaks of user data from the “Cloud".

Mr. Averin added that the more "holes" on the software and hardware, the more vulnerable the device is to attackers. 

In addition, recently the head of the IT Department of the software developer Reksoft, Yevgeny Chertok, called a way to disable surveillance on a smartphone. According to him, if you delete a number of applications, you will be able to disable surveillance by those who collect user information by default for advertising purposes. At the same time, the expert stressed that it will not be possible to completely exclude the possibility of surveillance by the special services.

The Russian Duma has introduced a bill to strengthen control over foreign e-wallets

The document obliges citizens to report to the Federal Tax Service on the movement of funds in their foreign electronic wallets

Parliamentarians have submitted to the State Duma a bill according to which Russian citizens will have to report to the tax authorities on the use of foreign e-wallets. For refusing to do this, its authors propose to fine Russians by 40% of the amount transferred to these wallets for the year.

"Those who do not comply with the law can be fined 40% of their annual income. The law applies only to transactions over 600 thousand rubles ($7,600). This is done to ensure that citizens comply with the law," explained Anatoly Aksakov, one of the authors of the new bill, a State Duma Deputy and Chairman of the Council of the Russian Banking Association.

The Creator of the law noted that earlier e-wallets were simply overlooked. Now the new norm has restored a gap in the legislation. First, the innovation will affect those Russians who have accounts abroad in the form of electronic wallets.

"This law will most of all affect those who have accounts abroad, for example, those who work or study there. I think that a fine of 40% is quite a decent amount that will make you think about whether to hide your accounts and, most importantly, operations,” said Aksakov.

Previously, Russian banks were required to inform the tax service about the opening of personalized e-wallets. Financial organizations automatically send data to the Federal Tax Service, in addition, during a tax audit, they are required to notify the tax authorities about wallet transactions.

In addition, in August, Russia banned adding cash to anonymous e-wallets. Restrictions also made it impossible to add cash to transport cards where they are implemented in the form of an electronic wallet.

The transition of critical IT infrastructure to Russian domestic software and equipment is postponed

The necessary Russian developments are still in short supply. Owners of critical information infrastructure still find the transition difficult to implement

The Ministry of digital development, communications and mass communications of the Russian Federation proposed to oblige owners of critical information infrastructure (CII) to switch to the preferable use of Russian software from 2024, and to Russian equipment from 2025. This is stated in the draft presidential decree published on the portal of normative legal acts.

The first version of the decree was published in May, it provided for the transition of the CII to Russian software from 2021, and to Russian equipment from 2022.

The proposed deadlines raised concerns among the owners of CII - banks and industry.

Several owners of critical information infrastructure pointed to the immaturity of the domestic software and hardware market. "Often there is a single developer or supplier of software or hardware of a certain class, which negatively affects pricing," said one of the owners. According to another owner, this single supplier will not be motivated to improve quality.

The Association of Russian banks in June asked the Bank of Russia to support the postponement of the transition to domestic software. Bankers said that the transition in a short time will entail significant expenses, and currently domestic manufacturers do not have the necessary equipment. The Central Bank supported this proposal, sending relevant comments to the government and the presidential administration.

At the end of 2019, the government issued a decree on the introduction of a temporary ban (for two years) on public procurement of foreign data storage systems for use on critical information infrastructure facilities.

The law on critical information infrastructure security came into force on January 1, 2018. It provides for the connection of CII objects to the state system for detecting, preventing and eliminating the consequences of computer attacks. 

Ahead of U.S. Presidential Elections, Experts Express Cybersecurity Concerns


From the start of this year, according to government agencies, the 2020 U.S. presidential election was said to be one of the "safest" elections to be conducted to date. Compared to the 2016 U.S. elections, voting machines are almost risk-free; the systems leave no trace of the paper record's history. Also, this time, the government has gone all-in to ensure election security from criminal actors. Chris Krebs, director of DHS (Department of Homeland Security) cybersecurity, in an election awareness video said he's never been more sure of a safe election than this. 

Security officials released the video last month, informing about election cybersecurity. However, the harsh reality is, the Russian cyberattacks during the 2016 elections have not entirely disappeared. To avoid the recurrence of that episode, experts suggested that the government spend billions of dollars building a robust cybersecurity system; however, Congress spent only a fraction of that. Meanwhile, social media companies dominate control over influence operations and propaganda on social media; the government seems to take no action. Cybersecurity experts insist the social media is still spreading fake news, and American users in some way have helped the spread of this fake news. 

Potential Vulnerabilities 

According to NPR, "experts agree that actual votes themselves would probably be the most difficult part of an election to hack successfully. The problem has only gotten tougher. In 2016, nearly 28 million voters cast ballots that did not have a corresponding paper trail: a major cybersecurity red flag." Meanwhile, almost every American suspects that some foreign foe may impact the vote count; no evidence suggests that such a thing happened in the 2016 presidential elections. It includes the incident where Russian hackers breached into the registration databases. 

"Stark says that the way officials can demonstrate through public auditing is a process that not every state uses. Even among the countries that do some audit, only a few do what is considered the "gold standard" of post-election audits, called risk-limiting audits. Sen. Ron Wyden, D-Ore., has proposed legislation to mandate such audits nationwide, but election reforms have gained little to no traction with the Republican-controlled Senate," says NPR.

Russian experts predict a shortage of cybersecurity specialists

Despite the funding cuts caused by the pandemic crisis, companies around the world are going to hire more and more cybersecurity specialists. But the shortage of specialists in the market is already observed and will only increase next year

The recruiting agency HeadHunter confirmed the growing demand for specialists in the field of cybersecurity, the number of vacancies for such specialists in Russia is growing at a double-digit rate. If for the whole of 2018 more than 17 thousand of them were opened, then from January to October 2020 - almost 30 thousand.

Natalia Golovanova, head of the SuperJob research center, notes that specialists and managers in the field of information security are most in-demand today in IT and financial companies. “Now the competition in this segment of the labor market is only 2.5 CVs per vacancy, which indicates a lack of specialists and a low level of competition,” she said.

Next year, Golovanova expects "a smooth increase in demand for specialists in the field of information security”.

It is worth noting that the average market salary of information security specialists is now 150 thousand rubles ($1,800) in Moscow, and 130 thousand rubles ($1,600) in St. Petersburg, and 320 thousand ($4,000) and 300 thousand rubles ($3,700) for information security directors.

Oleg Sedov, Director of Development for the Cybersecurity for the Population business at Rostelecom-Solar, confirms that the demand for information security specialists is significantly higher than the supply. "The problem of personnel is manifested not only in the shortage of employees but also in the lack of qualified specialists,” said Sedov.

According to a study by the consulting company PwC, more than half (52%) of Russian companies plan to increase spending on information security in 2021, and 42% of organizations intend to increase the number of employees employed in this area.

For example, PwC estimates that more than 3.5 million new cybersecurity jobs will be opened worldwide in 2021.

The study was conducted based on the results of a survey of more than three thousand managers of companies, technology and information security departments in various industries.

Russian Cyber Criminals started using bots to deceive victims

Fraudulent call centers started using bots to filtering distrustful victims in order to force them to call back and assist them on their own

According to experts, this approach makes it possible to reduce the cost of attacks on victims and increase conversion.

"The robot says: "Your card in this bank is blocked, call us back at this number”. When the victim calls back, allegedly the bank's security officers answer, ” explained Artem Gavrichenkov, technical director of Qrator Labs. He added that scammers make up to hundreds of calls a day using such robots.

Fraudsters also use fake IP telephony service numbers, bulk SMS sending services and messages in Messengers on behalf of the Bank, said Sergei Nikitin, deputy head of the Group-IB computer forensics laboratory.

The fraudsters in this case used "reverse social engineering", said Alexey Drozd, head of the information security department at SerchInform. In such cases, the victim calls the attackers.

Andrey Zaikin, Head of Information Security at CROC, explained that people are not used to the use of robots by scammers, this increases the credibility of hackers.

The technology also makes the attack cheaper, adds Mikhail Kondrashin, technical Director of Trend Micro in Russia and the CIS. A robot is a simple software for auto-calling, notes Mr. Zaikin. Developers of voice platforms usually do not charge a fee for creating such a bot, and the average cost of a call is 2.5–3.5 rubles ($0.3-$0.4) per minute.

Previously, many fake call centers operated from prisons, but recently, according to Group-IB, most are organized outside and sometimes even abroad. According to experts, international cooperation at the state level is necessary to neutralize them.

Federal Agencies Warned the US Healthcare System on Facing An “Increased and Imminent” Threat of Cybercrime


A couple of days back the FBI and two federal agencies, the Department of Homeland Security and the Department of Health and Human Services issued a caution that they had “credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers”. 

This news comes after federal agencies cautioned that the US healthcare systems are confronting an “increased and imminent” danger of cybercrime, and that cybercriminals are releasing an influx of coercion endeavors intended to lock up hospital information systems, which could hurt patient care similarly to cases of Coronavirus are on a steady rise. 

The cyberattacks include ransomware, which scrambles information into the hogwash that must be opened with software keys given once targets pay up. Independent security specialists state it has 'already hobbled at least five US hospitals' this week, and might affect hundreds more. 

Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement, “we are experiencing the most significant cybersecurity threat we’ve ever seen in the United States." 

The US has seen a plague of ransomware in the course of the recent 18 months with significant urban cities from Baltimore to Atlanta hit and local governments and schools hit especially hard.

In September, a ransomware attack shook all 250 US facilities of the hospital chain Universal Health Services, constraining doctors and nurses to 'depend on paper and pencil for record-keeping and slowing lab work'. 

Employees described disorderly conditions blocking patient care, including mounting trauma centers wait and the failure of wireless vital signs monitoring hardware. 

Alex Holden, CEO of Hold Security, which has been intently following the ransomware being referred to for over a year, said he informed the federal law enforcement after monitoring infection endeavors at various hospitals. 

Furthermore, added that the group was demanding ransoms above $10 million for each target and that criminals involved on the dull web were talking about plans to attempt to infect at least 400 or more hospitals, clinics, and other medical facilities.

“One of the comments from the bad guys is that they are expecting to cause panic and, no, they are not hitting election systems,” Holden said. “They are hitting where it hurts even more and they know it.”

The cybercriminals launching the attacks are said to have been utilizing a strain of ransomware known as Ryuk, and while nobody has proved the speculated ties between the Russian government and groups that utilization the Trickbot platform, Holden said he has “no doubt that the Russian government is aware of this operation – of terrorism”.

Numerous fraudulent sites disguised as well-known brands have appeared on the Runet

In autumn, experts recorded mass registration of domain names with the names of well-known brands in the .RU zone

Specialists at Infosecurity, a Softline company, recorded mass domain registration in Runet with the name of well-known brands and the ending –off, which can be used for sales.

As an example, the company cited the domain names,,, and According to the head of the Infosecurity special server Sergey Trukhachev, on October 20, the Ethic threat detection service detected the registration of 192 such domains. All of them are registered through the same Russian structure with servers at ISPIRIA Networks Ltd, located in Belize (Central America). As Trukhachev noted, the company is often used for hosting malicious sites.

At the end of September, the appearance of hundreds of similar domains in Runet was noticed by SearchInform. According to Alexey Drodd, head of the company's information security department, it’s about very diverse brands (furniture companies, clothing stores, jewelry stores, mobile retail).

According to Kirill Kirillov, co-founder of BrandMonitor, domains with the names of major brands are registered every day, and the earnings of scammers depend on the method of monetization. For example, according to Kirillov, counterfeit dealers can earn 3-10 million rubles ($39,000 - $117,000) annually.

Such a site can be blocked in a day if it is obvious that it is phishing or distributes malicious software. There are also cases when it is technically impossible to block access to a resource: if their servers are located in a country where hosting providers do not block sites (for example, in Belize).

The companies surveyed said they monitor domain registrations with similar names and fight them when signs of fraud appear.

Russian experts says the number of cyber threats increased during COVID-19

Cyber attack prevention experts recorded a sharp increase in the number of cyber threats and outlined the main trends in computer crimes during the COVID-19.

The report was presented at the international forum of the Academy of Management of the Ministry of Internal Affairs of the Russian Federation "Strategic development of the system of the Ministry of Internal Affairs of Russia: state, trends, prospects".

The main conclusion of the study is the rapid growth of computer crime, primarily financial fraud using social engineering, as well as the exploitation of the COVID-19 theme in malicious mailings, switching operators of encryption viruses to large targets, as well as active recruitment of new participants to criminal communities.

According to the Ministry of Internal Affairs, one of the main trends of digital transformation is the development of remote methods of committing crimes, crimes have gone from offline to online. Almost 70% of registered crimes related to illegal arms trafficking in 2020 were committed using the Internet - remotely and anonymously. The same applies to the illegal sale of drugs, counterfeit money, securities and documents.

Throughout 2020, Group-IB recorded an increase in the number of financial scams using social engineering - vishing, phishing -the victims of which were mainly Bank customers.

At the same time, the fraud implementation schemes themselves have not actually changed. The main motive of cybercriminals is the same: stealing money or information that can be sold. Now it is popular to sell fake digital passes, send messages about fines for violation of quarantine, fake courier sites, fraudulent mailings on behalf of the Zoom video conferencing service.

This year has given birth to even more groups and partner programs, as well as new collaborations. So the operators of the QakBot banking Trojan joined Big Game Hunting, and recently the FIN7 group, which actively attacked banks and hotels, joined the REvil ransomware partner program. The size of the ransom has also increased significantly: cryptolocker operators often ask for several million dollars, and sometimes tens of millions.

United States Charged Six Russian Intelligence Officers with Involvement in An Unrestricted Huge Hacking Campaign


With involvement in an 'unrestricted huge hacking campaign', which incorporates the famous Petya ransomware attacks which have focused mainly on Ukraine in 2015, as of late, the Justice Department has charged six Russian intelligence officers. 

Residents and nationals of the Russian Federation (Russia)the six officials were also in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces.


The government claimed that the group that had attacked Ukraine has likewise hacked different computers promoting the 2018 Winter Olympics in South Korea. It likewise hacked and leaked emails of people related to Emmanuel Macron's 2017 campaign for president of France. 

Besides this, they additionally focused on the companies exploring the poisoning of former Russian operative Sergei Skripal two years ago in Britain. 

All the six hackers are GRU officers; the government said that for over two years, they had battled tirelessly to recognize these Russian GRU Officials who interweaved in a global campaign of hacking, disruption, and destabilization, representing the most dangerous and destructive cyber-attacks ever.

The GRU burrowed into three electrical administration systems and cluttered circuit breakers remotely, it was one of the first cyber-attacks and had a cyber firm that consistently focused on critical infrastructure.

The authorities had at first scrutinized and reprimanded North Korea for the strike yet later found that the GRU utilized North Korean hacking tools to throw off the experts. 

That is the motivation behind why the special agent of FBI Michael Christman insisted that the warrant is the result of over two years of strong investigation by the FBI, a position that was kept up by an agent who worked the case.

Here are the names and the acts done by the hackers referenced below: -


The FBI has regularly indicated that Russia is very equipped for a cybersecurity adversary, and the information uncovered in this statement shows how omnipresent and harming Russia's cyber activities are. 

While Russia is probably not going to capture the detainees, it is unlikely that they will attain any trial too.

Expert opinion: how the digital currency of the Bank of Russia will change the future of the country

Announcing the possible appearance of the digital ruble, the Russian Central Bank joined dozens of world Central banks that have begun research and experiments in the field of creating national digital currencies.

Yevgeny Marchenko, Director of E. M. FINANCE, was one of the first to share his opinion on the issue. The expert is sure that the introduction of the digital ruble is necessary to increase the convenience of payments for citizens.

Also, among other advantages for citizens and banks, the introduction of the electronic ruble will allow the Bank of Russia to better regulate the country's economy.

The official representative of the Garantex cryptocurrency exchange, Tatyana Maksimenko, noted that it will be increasingly difficult to conduct gray and black schemes since cash flows will be under control — both foreign and domestic.

According to independent expert Leonid Khazanov, the digital ruble is primarily beneficial to the Bank of Russia and the Federal Tax Service. According to him, it will be possible to more effectively control the movement of cash flows in the country and it will be easy to identify any user who has an electronic wallet, which means complete transparency of all transactions. And no one can create several accounts or disguise themselves in any way, each legal entity and individual can only have one e-wallet.

Experiments by Central banks in a number of countries with the national digital currency reveal unsolved problems: for example, the inability to control cross-border movements or the potential use of anonymizers that make it difficult to track payments. The fate of digital currencies, including the ruble, depends on whether regulators will be able to close these gaps.

United States rejected Putin's offer to cooperate on cybersecurity

The US authorities for the first time publicly responded to the proposal of Russian President Vladimir Putin to resume cooperation in the field of international information security. US Assistant Attorney General for National Security John Demers called the Kremlin's initiative "nothing more than false rhetoric, cynical and cheap propaganda.” And Secretary of State Mike Pompeo said that Russia is dismissive of public security and international stability in cyberspace.

On September 25, Vladimir Putin invited the US authorities to resume cooperation in the field of international information security, which began in 2013 but was frozen due to disagreements over Ukraine and Russia's alleged interference in the 2016 US presidential election.

The President of the Russian Federation then stated that the dialogue in the cyber sphere should not be a "hostage" of political disputes, and proposed a four-point program for restoring cooperation.

In a statement, the Russian President said that "the risk of a large-scale confrontation in the digital sphere is one of the main strategic challenges of our time." "Special responsibility" for preventing cyberwarfare lies, as the Kremlin said, "on key players in the field of international information security," that is, primarily on Russia and the United States.

On October 7, in an interview with the Russia TV channel, Vladimir Putin complained that there was no response to his proposal from the United States. "Unfortunately, as with a number of our other initiatives, there is no response to this, I believe, very important topic, although there are continuing complaints against us about our hyperactivity in the information sphere, interference in elections there, and so on, which have absolutely no basis,” said Mr. Putin.

The Russian Embassy denies the US charge of six Russians in hacking

The Russian Embassy in Washington denies US accusations against Russian citizens of hacking and destabilizing activities around the world

Russia has not been and is not engaged in carrying out cyberattacks in the world, said the Russian Embassy in Washington. The Department believes that the accusation of Russians in hacking is aimed at warming up Russophobic sentiments.

Earlier, the US Department of Justice and the FBI brought charges against six Russians of involvement in a series of hacker attacks and the spread of malware in order to attack the infrastructure of other countries. In particular, they are charged with spreading the NotPetya virus in 2017. It is alleged that these individuals are GRU employees. 

The Russian Embassy said that Russia "has no intention of engaging in any destabilizing operations around the world", as this does not correspond to foreign policy and national interests.

"It is quite obvious that such information occasions have nothing to do with reality and are aimed only at warming up Russophobic sentiments in American society, at deploying a "witch hunt" and espionage,” said the Embassy. According to the document, the US authorities are destroying Russian-American relations and artificially imposing on the Americans "a toxic perception of Russia and everything connected with it."

According to the US Department of Justice, the damage to the United States from the actions of Russian hackers amounted to more than $1 billion. They attacked companies and hospitals in the United States, Ukraine's energy systems, the French presidential election, and the Winter Olympics in Pyeongchang. US Secretary of State Mike Pompeo said this shows Russia's disregard for public security and international stability in cyberspace.