https://8ch.net/pol/res/13518596.html
Hackers have breached SyTech, a contractor for FSB, Russia’s national intelligence service, from where they stole information about internal projects the company was working on behalf of the agency – including one for deanonymizing Tor traffic.
The breach took place last weekend, on July 13, when a group of hackers going by the name of 0v1ru$ hacked into SyTech’s Active Directory server from where they gained access to the company’s entire IT network, including a JIRA instance.
Hackers stole 7.5TB of data from the contractor’s network, and they defaced the company’s website with a “yoba face,” an emoji popular with Russian users that stands for “trolling.” (ils sont à Vevey pour la Fête des Vignerons ? ou en Gruyère en train d’analyser les trous du fromage ?)
Nautilus - a project for collecting data about social media users (such as Facebook, MySpace, and LinkedIn).
Nautilus-S - a project for deanonymizing Tor traffic with the help of rogue Tor servers.
Reward - a project to covertly penetrate P2P networks, like the one used for torrents.
Mentor - a project to monitor and search email communications on the servers of Russian companies.
Hope - a project to investigate the topology of the Russian internet and how it connects to other countries' network.
Tax-3 - a project for the creation of a closed intranet to store the information of highly-sensitive state figures, judges, and local administration officials, separate from the rest of the state's IT networks.
The first was Nautilus-S, the one for deanonymizing Tor traffic. BBC Russia pointed out that work on Nautilus-S started in 2012. Two years later, in 2014, academics from Karlstad University in Sweden, published a paper detailing the use of hostile Tor exit nodes that were attempting to decrypt Tor traffic.
Researchers identified 25 malicious servers, 18 of which were located in Russia, and running Tor version 0.2.2.37, the same one detailed in the leaked files.