Friday, April 17, 2015

“Star Wars” Humpty Dumpty – BBC

“Times” conducted its own investigation into how the group “Anonymous International”, known as “Humpty Dumpty”, could gain access to devices allegedly owned by senior Russian officials, which influential forces might be behind its work, and why it is still not being prosecuted for the hacking.

In approximately sixteen months of existence, “Anonymous International” has become perhaps the most famous group in modern Russia specializing in leaks (“plums”) about policymakers. It published correspondence allegedly belonging to Deputy Prime Minister Arkady Dvorkovich and the Kremlin chef Eugene Prigogine, hacked the Twitter account of Prime Minister Dmitry Medvedev, and auctioned correspondence allegedly belonging to his press secretary Natalia Timakova and the head of Roskomnadzor, Alexander Zharov.

In recent months, the main target of the group’s attacks has been the president’s internal policy department and, personally, its deputy head Timur Prokopenko; correspondence for the period since 2011, allegedly belonging to him, has been published for public access.

“We were going to sell the original Prokopenko arrays … All the files that he sent in Telegram and other messengers, notes, attachments to SMS correspondence, the log of his calls, the phone book. Contact phone numbers with the endings not blacked out. Videos, photos, calls,” the “Internationale” told “Gazeta.ru”. The group claims that it targeted Prokopenko because it considers him primarily responsible in the administration for control over the media and the Internet.

In addition, the activists have promised to publish further arrays of correspondence of several officials in the near future.

However, for some strange reason, “Anonymous International” did not want to share with citizens the correspondence of the deputy head of the OHR from January 2013 to January 2014. There are also gaps from 11 November 2011 to 03 December 2011, and from 22 December 2011 to January 10, 2012.

“We gave the arrays in the form in which they were downloaded from the devices. If some periods are missing, either Timur Prokopenko did not keep them or he used other devices. Accordingly, we did not filter the array. We gave it as it is,” the activists of the “Internationale” told “Gazeta.ru”.



Phishing and other hacking tools

The regular disclosure of senior officials’ confidential correspondence has raised the question of the hacking abilities of “Humpty Dumpty.” If we assume that the devices really were “broken into” and not simply stolen, it is possible to model a likely scenario for a break-in from the outside.

An independent expert familiar with the hacker community agreed, on condition of anonymity, to tell “Gazeta.ru” the most probable way SMS and Telegram were broken into.

The “Gazeta.ru” source notes that this task is more difficult than hacking Medvedev’s Twitter, but does not require a high level of hacking proficiency. The array of SMS and Telegram messages of iPhone users is stored in iCloud. To our knowledge, Prokopenko was the owner of an “apple” smartphone.

The easiest way to get access to the cloud service account is through the e-mail address to which it is attached. Experts name two of the simplest methods, one of which was perhaps used.

The first is “phishing”. The “victim” has to be made to open a link, after following which he comes under the influence of malicious scripts. And from the correspondence allegedly owned by Timur Prokopenko, it is clear that his work required him to view a large number of links.

For the letter with the link not to arouse suspicion, it must be sent from an e-mail address familiar to the hackers’ victim. On the Internet you can easily find websites offering to send any message to any destination, disguised as coming from any familiar address.

The link the user follows can deliver a “Trojan” or a keylogger. These programs allow an attacker to obtain the password to the victim’s e-mail. A computer with the Windows operating system is vulnerable to such software.

However, this option does not work if the link is opened on an iPhone, but in that case it is possible to make the device “share” the user’s mail session, that is, access to the letters at the website address.

“Let’s say the ‘victim’ received a letter from a friend of a friend offering to ‘check out’ a collage. The ‘victim’ clicks the link, really sees the photo and does not suspect that at this moment the attacker has entered his mail,” the expert says, explaining the simplest version of the technique.

You can also send a link that prompts the user to enter the username and password for his e-mail. It may seem that such an “old-fashioned” trick does not work anymore, but the “Gazeta.ru” source explains that it is not all so banal and that there are rather clever ways to pull off such an operation:

“For example, you can send a clone of a Twitter page. The person wants to comment on a picture and enters the username and password.”

According to the expert, there is another way, not much more complicated than the above. It requires a special device or software called a sniffer. To use it, it is enough to be on the same public Wi-Fi network as the “victim”. The device allows you to intercept and decrypt the packets coming from another computer.

The “Internationale” has previously said that its people can keep track of victims by being with them in a café: “Maybe our agent went to Timur on booze Nashi and the Old merged with his phone. This version is not considered?”

After gaining entry to the mail, you can move on to the user’s iCloud. Access to it is possible through the normal e-mail password recovery procedure. The mail address, access to which has already been obtained, is used as the login, and then you just need to wait for a letter with a link to change the password.

“This is considered not so much burglary as social engineering. You get the data using logic rather than sophisticated programming skills,” the expert says, explaining the subtle difference.

“After the hacker changes the iCloud password, the victim’s phone is no longer synchronized with the service. He cannot log in to it. A few seconds later comes the understanding that he was hacked. Or it does not come …” the “Gazeta.ru” source says, reconstructing the scheme.

He also allows for the possibility that the attackers were able to answer the service’s security questions. This scheme is often used for password recovery by forgetful users.
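The chain the source describes (mailbox access first, then a cloud-account password change through the recovery letter, then the owner’s phone dropping out of sync) leaves a recognizable ordering in audit logs. The following detection sketch is an added example, not part of the original article; the event format, the per-user address baseline and the 30-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumed correlation window

# Constructed audit events in a hypothetical normalized format:
# (timestamp, user, event type, source IP).
EVENTS = [
    ("2015-04-01T08:55:00", "alice", "mail_login", "192.0.2.10"),
    ("2015-04-01T21:02:00", "alice", "mail_login", "203.0.113.50"),
    ("2015-04-01T21:04:00", "alice", "cloud_reset_requested", "203.0.113.50"),
    ("2015-04-01T21:06:00", "alice", "cloud_password_changed", "203.0.113.50"),
    ("2015-04-01T21:07:00", "alice", "device_sync_failed", "192.0.2.10"),
    ("2015-04-02T10:00:00", "bob", "mail_login", "192.0.2.20"),
    ("2015-04-02T10:05:00", "bob", "cloud_password_changed", "192.0.2.20"),
]
KNOWN_IPS = {"alice": {"192.0.2.10"}, "bob": {"192.0.2.20"}}  # assumed baseline


def find_reset_takeovers(events, known_ips, window=WINDOW):
    """Return alerts for cloud password changes that follow, within `window`,
    a mailbox login from an address outside the user's baseline."""
    odd_logins = {}  # user -> time of latest mailbox login from an unknown IP
    alerts = []
    for ts, user, kind, ip in sorted(events):
        when = datetime.fromisoformat(ts)
        unknown = ip not in known_ips.get(user, set())
        if kind == "mail_login" and unknown:
            odd_logins[user] = when
        elif kind == "cloud_password_changed" and unknown:
            seen = odd_logins.get(user)
            if seen is not None and when - seen <= window:
                alerts.append({"user": user, "ip": ip, "changed_at": when,
                               "owner_locked_out": False})
        elif kind == "device_sync_failed":
            # The owner's device failing to sync right after the change
            # matches the lock-out the article's source describes.
            for alert in alerts:
                if alert["user"] == user and when - alert["changed_at"] <= window:
                    alert["owner_locked_out"] = True
    return alerts


if __name__ == "__main__":
    for alert in find_reset_takeovers(EVENTS, KNOWN_IPS):
        print(alert)
```

A password change made by the owner from a familiar address, as in the constructed “bob” events, produces no alert.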

The expert emphasizes that using such methods to gain access to mail or iCloud is not considered “aerobatics” in the world of hackers: “All these are quite banal things that many enthusiast users have mastered.”

“No matter how high-ranking the user is. While he uses public services, he is subject to all of their vulnerabilities, just like all the other ‘normal’ users,” says the expert. According to him, the more a person is forced to communicate through e-mail and social networking accounts, the higher the risk that he will someday be hacked.

We also add that the Kremlin official’s accounts can be hacked using special programs that work by trial and error. “By the way, people often use the same passwords for accounts in social networks, e-mail, etc. Sometimes it is enough to gain access to one thing,” the expert says in conclusion.

All this means that “Humpty Dumpty” is not necessarily a professional hacker. Moreover, the publication’s source even doubts it.

According to him, the community of serious hackers in Russia is very closed, and people in the “crowd” do not even know about it. Besides, it is not in the rules of “serious hackers” to actively use Twitter and other social networks. That is the level of the hacker Hull, who famously cracked the mail of Alexei Navalny and other opposition leaders. Hull’s critics believed that behind him stood the Russian security forces, who sought dirt on opponents of the regime, which is why Hull was never pursued by the authorities.

“These hackers look for serious vulnerabilities in complex systems. They can earn money by helping large companies to eliminate them,” the expert emphasizes.

“Kaspersky Lab” anti-virus expert Denis Legeza and ESET Russia leading virus analyst Artem Baranov, commenting to “Gazeta.ru” on the possibilities of hacking mail and iCloud, put forward an assumption similar to the version of the expert who wished to remain anonymous.

“The methods vary widely. From keyloggers installed on victims’ machines that record keystrokes to such methods of social engineering as a letter purportedly from technical support with a request to change the password,” says Legeza.

According to him, Apple devices are now better protected because developers and users are given less freedom of action. But an Apple ID can still be stolen by hacking mail, using phishing sites, etc.

“Malicious software is used to steal data from mobile devices, and often the user installs it on the smartphone himself. Attackers distribute such programs under the guise of legitimate applications on third-party web sites. Another infection scheme is phishing messages in SMS or a messenger, with links to install malicious software,” says Baranov.

The iPhone is protected from malware, but only if the Jailbreak operation has not been carried out on it, explains Baranov. This operation allows unlicensed applications to be installed on the iPhone, but it also allows hackers to install malware on the smartphone.

Representatives of “Anonymous International” themselves categorically denied using “phishing”: “It has not worked for a few years already, unless the people are absolutely stupid,” they told “Gazeta.ru”.



“Star Wars”

Meanwhile, in addition to basic technological knowledge of hacking, representatives of “Anonymous International” have an understanding of the presidential administration. Their understanding of the situation is confirmed by the “plums” and by interviews in which the “Internationale” demonstrates a good grasp of internal Kremlin alignments, from the internal abbreviations applied to one official or another to knowledge of the functions of a number of ordinary employees whose names seldom even appear in the media.

No wonder that in this context the version that the “Internationale” is located inside the Kremlin “towers” pops up regularly.

“In the architectural and historical ensemble located near Red Square there are a lot of towers with stars, each of which solves its own problems, which, of course, include preventing the excessive strengthening of the other towers. But the target, in any case, is obvious enough: [first deputy head of the presidential administration Vyacheslav] Volodin and his inner circle,” says Petr Bystrov, member of the Russian Association of Political Consultants, expressing the “Kremlin version” like many in the political science community.

On the question of whether there is a technically savvy team on the market that can work on targets of this level, Bystrov doubts that anyone could do this besides specialists with experience of service in FAPSI (the Federal Agency for Government Communications and Information, integrated into the FSO during Vladimir Putin’s first term).

Another political analyst, on condition of anonymity, put forward this version as well. He believes that behind the “Internationale” are detractors of Volodin at the level of individuals in the presidential administration with strong influence on the security services:

“There are no such instructions and services on the open market. Here either some special service did it entirely, or someone from the security services brought in hackers. Political scientists, from those more or less well known in their own circle, can at most suggest it, but no one will undertake to implement such a project.”

Earlier, a “Gazeta.ru” source in the Cabinet pointed out that “Humpty” hacked Natalia Timakova’s mail on the closed domain gov.ru, which is serviced by the FSO. Accordingly, it can be assumed that either the mail is not properly protected, or those who provide its technical protection are “Humpty Dumpty”, the “Gazeta.ru” source concludes.

Another interlocutor in the government describes this version of the involvement of current Kremlin officials as “fantastic”, arguing that the participation of current “Kremlin people” in such affairs would be a violation of every conceivable and inconceivable rule of the game.

However, the head of the Political Expert Group, Konstantin Kalachev, also believes that the attack on Prokopenko turned out “ambiguous.” On the one hand, the publication of the correspondence damaged his image; on the other hand, by the logic of the authorities, there should be no complaints about his work: “Everyone now knows about his health. Such people are not scattered.”

According to Paul Chikov of the Association of Human Rights Organizations “Agora”, the published materials about the official were “clean” from a legal point of view.



Offended carry water

A senior “Gazeta.ru” source in the government believes that “Humpty Dumpty” are the so-called “offended”: people who either worked in the presidential administration or closely interacted with it, but for one reason or another were left out of work:

“Some remarks that ‘Humpty Dumpty’ writes in its ‘plums’ show that these people know the system well from within,” the source stressed.

It is interesting that a similar situation with break-ins into officials’ mailboxes developed at the turn of 2011-2012. At that time Vladislav Surkov was replaced by Vyacheslav Volodin in the post of curator of the domestic policy direction of the presidential administration. At the same time, the hacked mail of the then head of Rosmolodezh, Vasily Yakimenko, and his press secretary Christina Patupchyk was dumped onto the network.

The correspondence included the names of well-known bloggers who were allegedly paid money for posting items of a political and social orientation. The hackers in this episode posed as a Russian unit of the hacker group Anonymous. In itself, this meant nothing: the group does not have any organizational structure, and anyone could hide behind its brand.

According to an anonymous “Gazeta.ru” expert familiar with the events of that time, after the mail of Vasily Yakimenko and Christina Patupchyk was broken into, they were offered the removal of some information from publication for a certain amount.

One of the important features that distinguishes the “Internationale” from Hull and the “Anonymous” of 2012 is the advanced media strategy of “Humpty Dumpty.” The “Internationale” emphasizes its independence from the Kremlin and mirrors the accusation back: anyone who suspects the group of links with the special services and the administration is accused of collusion with the authorities.

Meanwhile, a senior “Gazeta.ru” source believes that the group of people who call themselves “Humpty Dumpty” includes former administration officials, IT experts and spin doctors. According to him, a commercial component plays an important role in the group’s activities.

In particular, according to the source, “Humpty Dumpty” not only puts a number of materials up for sale openly, as was the case with the e-mail correspondence of Medvedev’s press secretary Natalya Timakova, but also offers the “victims” the chance to buy them out privately.

The buyout costs a few tens of thousands of dollars. According to the source, this happened to one of his friends. After he refused to buy out the materials relating to him, fearing that in the future this fact could be used against him, they were published in open access.

However, the “Internationale” itself speaks openly about its commercial goals. “For some reason, everyone thinks that we are someone’s project and that we are fine for money … We publish what is of public interest. But we have a number of projects that do not relate to politics, where we have customers. We need to eat sometimes. Buy plane tickets, pay utility bills, plastic surgery is not cheap,” say “Humpty” and “Dumpty.”
