Russian RUSAL Deployed Equipment to Spy on Intertelecom Ukraine

Today russian hacktivist @Rucyborg has announced part 4 of an ongoing leak of documents dubbed ‘Transmission 004 The Golden Sun of the Red Dragon East’ . The Data leaks which started in march have so far leaked on documents from Searchinform, Russian Defence Export and Russian Industrial Investment Fund and now the most recent dump comes from China Embassy in Moscow. The leak was announced from twitter and uploaded in 8 parts to anonfiles and totals 1.34GB compressed and just under 2GB uncompressed. Altogether there are a few thousand documents mostly image and xls files with some TIF, pdf, fp3 (fast report) and doc/docx files. As a result of the Chinese Embassy in Moscow being breached some documents that are labeled confidential leaked that say a full investigation is underway by China Chamber of Commerce for Import and Export of Machinery and Electronic Products into unlawful monitoring of ukraine cell provider Intertelecom by partners to RUSAL. It appears the investigation also goes much deeper than that with links to ALTRON and even deeper again with links to former intelligence counselor of viktor yanukovych (see gallery). It isnt the first time either that RUSAL has come up in investigations as it appears back in 2012 they had been checked for fraud and money laundering. Other documents in the leak contain police reports, incident reports, insurance and sales and purchase receipts, risk management reports. There is also documents related to private and confidential talks about the investigation. (see gallery). There is a heap of PII in this leak to with close to 100,000 accounts scattered through the leak many of which have incomplete information that relate to modem login credentials for Intertelecom clients, this also includes full contact information such as addresses, contact numbers, full names and modem passwords, over 80 different complete copies of passports and related information have been leaked as well. I have spoken to RuCyborg about motives behind these recent attacks and they have given me a fairly detailed but understandable answer . "in this particular case I just got pissed off with Putin’s annexation of Crimea, even though I am russian ethnically to the bone and russia is my motherland" The Political motivation behind this shows the hacktivism within these attacks and its not something new to this hacker either who has also stated they have been doing similar things 1999. Now we await for the next part of the on going attack against russia which has been announced as a continued part of this leak. “Next leak we deliver the whole package of docs revealing the secrets of cooperation between Malomuzh and Russian RUSAL executives puppeteers of FSB.” Updates to come when the next leak happens. Full gallery of preview of documents:

About the author: Lee J

Security Analyst, Developer, OSINT,

Comments are closed.