Hacktivists Leak Email Data from Russian Pipeline Giant Transneft
Amid Russia’s war with Ukraine, Russian state-backed businesses continue to face attacks and data leaks from hackers.
A website famous for hosting leaks released a link to around 79 gigabytes of allegedly stolen emails from Transneft, a government-controlled Russian oil pipeline company.
Transneft, which has its headquarters in Moscow, is the largest pipeline company globally. The company transports oil and petroleum products between Russia and CIS countries and operates pipelines covering more than 70,000 kilometers. Under the sanctions against Russia, it cannot receive investments from the U.S. market.
The hacktivists leaked information extracted from Transneft’s OMEGA Company, the department that deals with several disciplines of research and development.
Omega Company manufactures sophisticated acoustic and temperature monitoring systems for oil pipelines with its focus on leak detection.
The leaderless hacktivist group Anonymous claimed responsibility for the attack. Distributed Denial of Secrets (DDoSecrets), a website that hosts information leaks and compared to a modern-day WikiLeaks, posted the data. Russia’s invasion of Ukraine is what prompted the group to hack Transneft.
It is essential to point out that DDoSecrets received the leaked data from Anonymous hacktivists and that the organization itself is not behind the hack.
The leaked data contains multiple email messages sourced from the accounts of several Transneft employees, along with attachments that include image files that have server racks and other equipment configuration, information on product shipment, invoices, among others.
In some of the messages, you can find the accounts of current activities and information related to the effects of sanctions that have been announced against Russia by the United States and European Union since February 25, shortly after the Russian invasion of Ukraine.
Apart from sanctions, the emails revealed that the pipeline company was also worried about hackers. The leak contained a document dated March 14 with details of the security measures taken by the company in response to hacktivism targeting Russia.
In addition to changing passwords randomly, enabling multifactor authentication, imposing a moratorium on foreign software updates, and running a full anti-virus scan are the measures to be taken.
The emails also show passwords for Zoom meetings that the company has organized. Some of the emails date back to 2018, but others may go back further, given the size of the leak.
Following recently targeted hacks against Russian companies, the website warned that ulterior motives, malware, altered or implanted data, and fake personas are highly likely in the email attachments. “As a result, we encourage readers, researchers, and journalists to take additional care with the data,” reads a note on the Distributed Denial of Secrets website.
In an unusual move, Distributed Denial of Secrets in a note that accompanied the email upload revealed that the source dedicated the leaks to Hillary Clinton, who had publicly encouraged Anonymous to launch cyber attacks against Russian entities in an interview with MSNBC’s Morning Joe in February.
“I think that people who love freedom, people who understand that our way of life depends upon supporting those who believe in freedom as well, could be engaged in cyber support for those in the streets and Russia,” Clinton said.
The government of Ukraine also added its voice urging hackers to target Russia, even assembling its army of hackers to fight the invaders through cyber-action.
In the aftermath of Russia’s invasion, Anonymous declared its full support for the Ukrainian people. Shortly after, they owned up to being behind cyberattacks against state news agencies RIA Novosti and Tass.
This is the latest in a growing number of hacktivist campaigns targeting Russia because of its continued aggression towards Ukraine. They claim to have hacked government agencies, private companies, and intelligence services.
However, not all hackers are stealing data and breaching systems. Known as squad303, one hacking group created an online tool so anyone could send emails, texts, and WhatsApp messages to Russians so they could learn about the war.