Micah Lee 🫡
Apr 19, 2022, 27 tweets
I don't think people fully appreciate just how much, after invading Ukraine, people are hacking Russia. There are multiple hacks a week and it's only increasing. For the first time in internet history Russia is fair game for cyber attacks, and this is what it looks like 🧵
Distributed Denial of Secrets has been archiving these dumps and making them torrents. DDoSecrets has been around for a few years but made a big splash in 2020, during BLM protests by publishing hacked data on hundreds of US local/federal police sites theintercept.com/2020/08/17/blu…
Twitter permanently banned the @DDoSecrets account then, and also took the extraordinary step of banning links to ddosecrets dot com itself. Go ahead and try tweeting that URL, it won't work.
Anyway, DDoSecrets has 7 Russian datasets from March and another 20 from April (so far)
817gb from Roskomnadzor, agency that monitors and censors mass media (!)
79gb from Transneft, world's largest oil pipeline company, state-controlled
15gb from Rosatom, the state nuclear energy agency and major exporter of uranium
2.4gb from RostProekt, a construction company
110gb from MashOil, manufacturer for drilling, mining, and fracking industries
22gb from the Central Bank of Russia
5.9gb from Thoriz Corp, investment firm owned by an oligarch billionaire
52gb from Marathon Group, another investment firm owned by another oligarch
15gb from the Russian Orthodox Church's charitable wing
65gb from Central Legal Services, mostly emails
483gb from Mosekspertiza, state-owned firm
786gb from VGTRK, state-owned broadcaster that runs dozens of TV/radio stations (!)
244gb from Petrofort
145gb from Aerogas, oil and gas industry
35gb from Forest, logging firm
116gb from Tver Governor's office, appointed by Putin
150gb from the city of Blagoveshchensk
Whew... there's still a lot more. It's going to take months and years to look through all of this data. It's hard to picture how this will affect Russia going forward. It's massive.
446gb from the Ministry of Culture (!)
221gb from the education department of Strezhevoy
440gb from Technotec, oil and gas industry
726gb from Gazprom, oil and gas manufacturer
400gb from Continent Express, travel agency
222gb from Gazregion, construction company that does gas pipelines (hacked by 3 different hacktivists at the same time lol)
107gb from Neocom Geoservice, oil, gas, and drilling engineering
1.2gb from Synesis Surveillance System
9.5gb from General Dept of Troops and Civil Construction (works with ministry of defense)
160gb from Tendertech, financial and banking processing firm
Those last four datasets: those were from TODAY. I know there are several more in the DDoSecrets backlog as well. It's insane.
This isn't all that DDoSecrets does at all. It's just been particularly slammed by hacktivism against Russia since the illegal invasion of Ukraine. Here's a great overview from @illegaldaydream, a member of the collective backdrifting.net/post/057_what_…
After January 6, DDoSecrets published 5gb of hacked data from the Oath Keeper militia and shared it privately with journalists, which triggered dozens of investigations around the country npr.org/2021/11/05/105…
During the far right anti-vax Canadian "Freedom Convoy", a hacktivist hacked the far right fundraising site GiveSendGo and leaked all their data to DDoSecrets, which shared it with journalists. This also triggered dozens of news articles theintercept.com/2022/02/17/fre…
Even since Russia's war against Ukraine started, DDoSecrets published 4TB of data from "Mining Secrets", a major collaboration of 65 journalists and 20 newsrooms forbiddenstories.org/case/mining-se…
Anyway, I've been working on downloading as much of the hacked Russian data as I can and making it searchable for Russian-speaking journalists. If you have the time and tech skills, you should too! The data is available to everyone
And if you want to support DDoSecrets, go to ddosecrets dot com and click "Donate" on the left.
The collective works on a shoestring budget, doesn't get paid, and spends very little time fundraising because they're too busy with everyone hacking Russia
TODAY DDoSecrets released two new hacked Russian datasets:
130gb from Worldwide Invest, investment firm
432gb from Sawatzky, property management firm with lots of big clients
The section on the DDoSecrets Wikipedia page for its 2022 releases is woefully out of date, if anyone wants to improve it en.wikipedia.org/wiki/Distribut…
Another release today:
211gb from Accent Capital, a commercial real-estate investment firm
I wrote an article about how hacktivists are bombarding Russia with an unprecedented onslaught of cyberattacks interc.pt/3K8sbXx
Another day, another few hundred gigs of hacked emails from a Russian company.
Today DDoSecrets published 432gb of data from Enerpred, the largest producer of hydraulic tools in Russia that works in energy, petrochemical, coal, gas and construction
1.1 terabytes (!) of email from ALET / АЛЕТ, a customs broker for companies in the fuel and energy industries, handling exports and customs declarations for coal, crude oil, liquefied gases and petroleum products
More hacks in the last few days:
554gb of data from Petersburg Social Commercial Bank
1.7tb (terabytes!) from Elektrocentromontazh, Russia's primary electricity utility
The first hacked Russian dataset in May: 20gb of data from LLC Capital, a Russian accounting firm
They've launched a crowdfunding campaign. Donate here: fundrazr.com/ddosecrets
