Moscow hackers revealed the secrets of the contractor of the FSB

Hackers broke into the server of a Moscow IT company, which the BBC Russian Service calls a "secret FSB contractor".
Origin source
From the documents copied by the hackers, it follows that the company worked on projects dedicated to collecting data from users of social networks, de-anonymizing users of the Tor browser, and researching how Runet communicates with the global network.

Hackers broke into the server of the Moscow IT-company "Sytech" (SyTech), which could non-publicly conduct at least 20 IT-projects commissioned by the Russian special services and departments, writes BBC Russian Service. She calls the company "a secret FSB contractor." Hacking, according to her, occurred on July 13 (at the time of publication, the site remained unavailable). On the same day, hackers posted a few screenshots on Twitter, thereby showing, in particular, that they erased much of the data from the computer of the affected company.

But before, the hackers partially copied and shared the information from Sytek with Digital Revolution - a group that in December last year claimed responsibility for hacking the server of the Kvant research institute under American sanctions (the US Treasury pointed out that the institute was connected to the FSB).

From the archive "Siteka", which Digital Revolution sent to journalists, it follows that the company carried out work on at least 20 non-public IT-projects ordered by Russian special services and departments, according to the material of the Russian service Bi-bi-si.

In particular, in 2012, Sytek developed the Nautilus-S software package, designed to de-anonymize users of the Tor browser (allows users to bypass censorship, hide their data and enter the darknet). One of the results of this work was to be “a database of users and computers actively using Tor networks,” writes the BBC Russian Service referring to documents transmitted by hackers.

Prior to that, “Sytek”, according to journalists, worked on the project “Nautilus”, designed to collect information about users of Facebook, MySpace and LinkedIn. In addition, as follows from the documents, Sytek was going to find a vulnerability in the BitTorrent network protocol (the Reward project), through which users can download movies, music, programs and other files via torrents, the BBC Russian Service writes .

According to the publication, the company developed the Mentor program, which was supposed to check the e-mail of the right respondents (at the customer’s choice) at a specified time interval or to assemble an “intellectual group of extraction” according to the given word combinations. Another project “Siteka” - “Hope” - is dedicated to creating a program that accumulates and visualizes information about how the Russian segment of the Internet is connected to the global network, the BBC Russian Service notes.

SkyTech carried out most of the non-public projects by order of military unit No. 71330, according to the material. This customer is listed, for example, in the projects “Hope” and “Mentor”. “Experts of the International Center for Defense and Security in Tallinn believe that this military unit is part of the 16th Directorate of the Federal Security Service of Russia, which is engaged in electronic intelligence,” writes BBC Russian Service. "Nautilus-S" "Sitek" developed by request of the Research Institute "Kvant". The customer of the project "Reward" is not specified in the documents. The BBC was not able to find out if Sytek found a customer for the Nautilus project.

“It is possible that this is the largest data leak in the history of the work of Russian special services on the Internet,” the BBC Russian Service states. She did not succeed in contacting the hackers who took responsibility for hacking "Sytek". FSB did not respond to the request.