The Russian hacking team Digital Revolution claims to have infringed systems an external FSB affiliate, of National Intelligence Service of Russia, and discovered details of a project aimed at hacking Internet of Things (IoT) devices.
These items have been released everywhere since a few days earlier BBC Russia revealed the news.
Fronton: The Its IoT botnet FSB
The technical documents for Fronton were drawn from one of the internal sections of the FSB, unit no. 64829, also known as FSB Information Security Center.
According to the BBC, InformInvestGroup appears to be working with the software company as well ODT (Oday) LLC based in Moscow. Digital Revolution claims to have violated ODT (Oday) LLC systems in April 2019.
Thus, the hackers gained access to the documents mentioned in and production FSB hacking project. According to documents, the project started to be implemented in 2017 and 2018. Companies behind it, they seem to be inspired by it Mirai, an IoT malware used to build a huge IoT botnet at the end of 2016. Mirai used to make thousands DDoS attacks on various companies.
The documents suggest building a similar IoT botnet that will be made available to the FSB. According to leaked data, the Fronton IoT botnet will be able to perform «Password dictionary attacks"To Appliances and production , which still use factory defaults credentials and common username-password combinations. if she attack he is successful, the IoT device will be integrated into the botnet.
Fronton: IoT cameras and NVRS target
Hackers say Fronton botnet specifications allow him to target cameras security and digital video recorders (NVRs). These devices are ideal for DdoS attacks.
"If they are streaming video, they have a large enough communication channel to run DDoS efficiently," the documents said.
About 95% of the botnet should consist of these two types of devices, the documents say. Each infected device will perform "password attacks "on other devices to keep the IoT botnet alive.
In addition, the FSB will manage the botnet through an online admin panel hosted on a command and control (C&C) server located behind a network VPN and proxy serversin order to hide its true position.
The Fronton botnet was capable of targeting smart devices based on Linux, which represent the vast majority of IoT systems today.
Its use Russian language and Cyrillic alphabet were banned strictly throughout the project and in the source code.
Russia FSB: State Russians hackers are used to targeting IoT devices
Russian state hackers have repeatedly tried to hack IoT devices. The IoT hacking project of the Intelligence Service is not a surprise.
In August of 2019, the Microsoft said it had observed one of the top hacking teams breach IoT devices in order to gain access to the internal network of a major target.
This is the third time Digital Revolution has revealed files by a partner of the Russian Intelligence Service.
The first victim was a company named after him Quatum. Digital Revolution violated the systems and disclosed details of social media monitoring programs used by the FSB.
The second victim was a company called Sytech, where the hackers from Ditigal Revolution obtained information on six other secret FSB projects.