Tuesday, January 19, 06:04
Home security Hackers leaked information about an IoT hacking project of the Russian Intelligence Service

Hackers leaked information about an IoT hacking project of the Russian Intelligence Service

The Russian hacking team Digital Revolution claims to have infringed systems an external FSB affiliate, of National Intelligence Service of Russia, and discovered details of a project aimed at hacking Internet of Things (IoT) devices.

The hackers published 12 technical documents data, diagrams and excerpts code for a project called “Fronton".

These items have been released everywhere since a few days earlier BBC Russia revealed the news.

Fronton: The Its IoT botnet FSB

According to the screenshots shown by hackers and researchers' analyzes, the project Fronton describes rather essentials of building an IoT botnet.

The technical documents for Fronton were drawn from one of the internal sections of the FSB, unit no. 64829, also known as FSB Information Security Center.

Documents indicate that InformInvestGroup CJSC, a Russian company that has worked with the Russian Interior Ministry on numerous occasions, has undertaken the construction of an IoT hacking tool.

According to the BBC, InformInvestGroup appears to be working with the software company as well ODT (Oday) LLC based in Moscow. Digital Revolution claims to have violated ODT (Oday) LLC systems in April 2019.

Thus, the hackers gained access to the documents mentioned in and production FSB hacking project. According to documents, the project started to be implemented in 2017 and 2018. Companies behind it, they seem to be inspired by it Mirai, an IoT malware used to build a huge IoT botnet at the end of 2016. Mirai used to make thousands DDoS attacks on various companies.

The documents suggest building a similar IoT botnet that will be made available to the FSB. According to leaked data, the Fronton IoT botnet will be able to perform «Password dictionary attacks"To Appliances and production , which still use factory defaults credentials and common username-password combinations. if she attack he is successful, the IoT device will be integrated into the botnet.

Computer hacker or Cyber ​​attack concept background

Fronton: IoT cameras and NVRS target

Hackers say Fronton botnet specifications allow him to target cameras security and digital video recorders (NVRs). These devices are ideal for DdoS attacks.

"If they are streaming video, they have a large enough communication channel to run DDoS efficiently," the documents said.

About 95% of the botnet should consist of these two types of devices, the documents say. Each infected device will perform "password attacks "on other devices to keep the IoT botnet alive.

In addition, the FSB will manage the botnet through an online admin panel hosted on a command and control (C&C) server located behind a network VPN and proxy serversin order to hide its true position.

The Fronton botnet was capable of targeting smart devices based on Linux, which represent the vast majority of IoT systems today.

Its use Russian language and Cyrillic alphabet were banned strictly throughout the project and in the source code.

Russia FSB: State Russians hackers are used to targeting IoT devices

Russian state hackers have repeatedly tried to hack IoT devices. The IoT hacking project of the Intelligence Service is not a surprise.

In August of 2019, the Microsoft said it had observed one of the top hacking teams breach IoT devices in order to gain access to the internal network of a major target.

This is the third time Digital Revolution has revealed files by a partner of the Russian Intelligence Service.

The first victim was a company named after him Quatum. Digital Revolution violated the systems and disclosed details of social media monitoring programs used by the FSB.

The second victim was a company called Sytech, where the hackers from Ditigal Revolution obtained information on six other secret FSB projects.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement



FCC: Extremists turn to radio equipment after banning from social media

The US government warns that extremists could turn to radio equipment to plan their future attacks, ...

Android: How to make Signal the default messaging app

Signal is a popular encrypted messaging application that focuses on privacy. It is an alternative to ...

Google Cloud: We use some SolarWinds, but we were not affected by the hack

Google Cloud CISO Phil Venables has revealed that the cloud uses software from the vendor, SolarWinds, but states that the use ...

Scotland Environment Service: ransomware continues to affect us

The Scottish Environmental Protection Agency (SEPA) has confirmed that it was hit by a ransomware attack last month and continues to face ...

Backdoors and vulnerabilities were discovered in FiberHome routers

Backdoors and other vulnerabilities have been discovered in the firmware of a popular FiberHome FTTH ONT router. FTTH ONT stands for Fiber-to-the-Home Optical Network ...

GitHub apologizes to an employee who fired! What happened;

GitHub has admitted that it was wrong to fire a Jewish official who made "anti-Nazi" comments about the Capitol riots.

By 2030 AI will replace the people of cybersecurity

Security company Trend Micro recently conducted a new survey that reveals that more than two-fifths (41%) of IT leaders believe ...

Chinese Winnti APT targets organizations in Russia and other countries!

Security researchers at Positive Technologies have uncovered a series of attacks carried out by a Chinese APT hacking team targeting organizations in Russia ...

Silicon Valley is investing a huge amount of money in India

From March to November, even when COVID-19 destroyed economies around the world, the richest man in India ...

Microsoft, Salesforce, Oracle are designing a digital vaccination passport

A Covid digital vaccination passport is being developed jointly by a team of health and technology companies, as well as governments, airlines and ...