EXCLUSIVE CNN Hackers also accessed the prisoners’ telephone contacts. They made these numbers publicly available in the hope that people will call the prisoners in order to clarify what happened to Navalny
Exclusive: Hackers steal Russian prisoner database to avenge Navalny’s death
per Sean Lyngaas It is Darya TarasovaCNN
CNN – Just hours after the death of opposition leader Alexey Navalny in February in a Russian prison, a group of anti-Kremlin hackers went looking for revenge.
Using their access to a computer network linked to the Russian prison system, the hackers posted a photo of Navalny on the prison website, according to interviews conducted with the hackers, screenshots and data analyzed by CNN.
On the hacked website, the message “Long live Alexey Navalny!” was read, accompanied by a photograph of Navalny and his wife Yulia at a political rally.
In a stunning security breach, the hackers also appear to have stolen a database containing information on hundreds of thousands of Russian prisoners, as well as their family members and other contacts, including, according to the hackers, data on Russian prisoners. Arctic penal colony, where Navalny died on February 16.
The hackers, who say they are of various nationalities, including Russian and Ukrainian expatriates, shared this data, including phone numbers and email addresses of prisoners and their families, “in the hope that someone can contact them and help understand the what happened to Navalny”, explained to CNN a hacker who claims to be involved in the intrusion.
Additionally, hackers used their access to the Russian prison system’s online store, where family members buy food for inmates, to change the prices of products such as pasta and canned meat to one ruble, which is equivalent to around 0. 01 dollars, according to screenshots and videos of purchases in the online store published by hackers.
Typically, these products cost more than 1 dollar.
According to the hacker involved, it took several hours for the administrator of the prison’s online store to realize that the Russians were buying food for cents. And it was only three days later that the prison store’s IT team managed to put an end to the discounts provided by the hacker, according to his report.
“We were watching the [registos de acesso à loja online] and the speed kept increasing, with more and more customers making purchases”, said the hacker in an online conversation, while providing CNN with data that corroborated his involvement in hacking.
Hackers claim that the database contains information on around 800,000 prisoners and their family members and contacts. An analysis of the data carried out by CNN found some duplicate entries in the database, but the database still contains information on hundreds of thousands of people. CNN was able to match the names of several prisoners in screenshots shared by hackers with people who, according to public records, are currently in Russian prisons.
The prison online store that hackers appear to have hacked is owned by the Russian state and is officially known as JSC Kaluzhskoe, according to Russian business records reviewed by CNN. JSC Kaluzhskoe serves 34 regions of Russia.
CNN requested comment from JSC Kaluzhskoe, the Federal Penitentiary Service of Russia (known as FSIN) and the individual administrators of the websites the hackers claim to have manipulated.
On February 19, the day after hackers tampered with the website and replaced it with Navalny’s photo, JSC Kaluzhskoe posted on the Russian social media platform VK that it had suffered a “technical failure” that led to “prices of food and basic necessities” were “presented incorrectly”.
Tom Hegel, a cybersecurity expert with experience in analyzing data transfers, stated that the released data revealed all signs of being authentic and that it originated from the hacked prison store.
Hackers “clearly had full access to get all of this,” said Hegel, who is the lead threat researcher at U.S. cybersecurity firm SentinelOne. “The amount of images captured and data provided is quite complete.”
New chapter of hacktivism
The hacker group sent messages to administrators of the prison’s online store, warning them not to remove pro-Navalny messages from the site. When the administrators refused, the hackers retaliated by destroying one of the administrators’ computer servers, the hacker revealed.
Navalny, a charismatic political leader who spoke out against Russian government corruption, died under mysterious circumstances on February 16 in a prison in the Yamalo-Nenets region, 1,200 miles northeast of Moscow. The United States holds Russian President Vladimir Putin responsible for Navalny’s death, American President Joe Biden said.
Russian opposition leader Alexey Navalny appears via video link from the Arctic penal colony where he was serving a 19-year sentence, provided by the Russian Federal Penitentiary Service, during a hearing at the Russian Supreme Court in Moscow, Russia, in January . Alexander Zemlianichenko/AP
Politically motivated computer hacking, or “hacktivism,” has been a rampant phenomenon in the more than two years since Russia’s invasion of Ukraine. In the days following the hack, a Ukrainian took revenge by releasing a set of internal data from a Russian ransomware group that revealed the group’s alleged links to Russian intelligence.
Pro-Ukrainian hackers of various stripes have joined the fight, claiming responsibility for attacks on a Russian Internet provider, for example, and on websites that were broadcasting a high-profile speech by Putin last year.
The war in Ukraine “undoubtedly began a new chapter in the use of hacktivism, unprecedented on its current scale,” said Hegel, the SentinelOne researcher. “Hacktivism has emerged as a powerful tool for diverse groups to express their perspectives, support their nations, target adversaries, and attempt to influence the trajectory of war.”
The attack on the prison’s online store was accompanied by a message from Russian expatriates.
“We computer experts have left today’s Russia,” read a message in Russian on one of the prison store’s websites, according to a Feb. 18 screenshot of the site reviewed by CNN. “We love our country and we will return when it is free from Putin’s regime. And we will go to the end on this path.”
){kind=link}