Share this page!

Enter Twitter Thread URL to Unroll

Needs to be the full URL like: https://twitter.com/threadreaderapp/status/1644127596119195649

How to get URL link on Twitter App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
CyberWatchers Profile picture
@cyber_watchers
Jun 20 6 tweets 2 min read Twitter logo Read on Twitter
It would appear that, despite some of the headlines in the press following the hack by
Cyber Resistance, Sergey Morgachev wasn't as important as we had first thought.
informnapalm.org/en/hacked-russ…
Image
From what we have heard he was head of his Department with some extra responsibilities supporting the Head of his section within the 85th GTsSS. Not the Deputy Head of the entire unit, as Cyber Resistance had stated.
What can't be disputed is the salary that Morgachev has been paid since moving from the #GRU to STC. A
check across a few employment sites suggests that with the experience he undoubtedly possesses he could be earning much more that he is receiving at the moment.
So, the question we are asking is, could his move to STC rather than a company which might pay him
more be down to the fact that he has been indicted or have there been other inducements to persuade
him to move from Moscow to St Petersburg?
With the Russian economy in its current state, a resignation from Morgachev and a move to STC might have been preferable to a pay cut he was apparently about to face, had he stayed.
@threadreaderapp unroll

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with CyberWatchers

CyberWatchers Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @cyber_watchers

CyberWatchers Profile picture
May 4
Morenets is a senior official in the #85thGTsSS that is supposed to be a sophisticated state cyber hacking enterprise that should be operating with a high level of plausible deniability.
It seems they are incapable of keeping their standards high enough to avoid detection/attribution based on the numerous instances of cyber activity which have recently been attributed to the #GRU.
This would seem to be another role which Morenets is seemingly incapable of fulfilling successfully. In the last year alone the following cyber-attacks have been attributed to the GRU.
Read 6 tweets
CyberWatchers Profile picture
May 4
Continuing our thread on Aleksey Morenets....
Despite the mistakes made it may surprise you that Morenets still has a job in the #85thGTsSS, also known as #APT28 or Fancy Bear. It is our understanding that he is in charge of a Directorate involved in Cyber espionage.
We have heard that his staff are not happy with his management. We know that in the lead up to the war with Ukraine staff had their working hours extended by Morenets while he remained on regular hours.
Read 4 tweets
CyberWatchers Profile picture
May 3
We would like to introduce you to Aleksey Sergeyevich Morenets, a #GRU officer indicted by the US along with 6 others in October 2018. Image
He may look familiar to you? Here he is in our tweet of congratulations to Yevgeny Serebryakov, on GRU day, for his part in the failed attempted hack of the OPCW HQ in The Hague.
Morenets and Serebryakov were part of the team intercepted by the Dutch authorities in April 2018. At the time Morenets was described in the press as a bungling hacker after it was discovered that he had travelled under his real name and date of birth.
Read 8 tweets
CyberWatchers Profile picture
Mar 15
We thought it was time to return to highlighting some of the tech companies with ties to the Russian intelligence services. Today we introduce you to Special Technological Centre Ltd. #STC #СТЦ
In late 2016 STC was sanctioned by the U.S. in the amendment to Executive Order 13964 issued by President Obama.
STC was named as one of three companies that provided material support to the #GRU interference of the Presidential election in 2016 and assisting them in conducting signals intelligence operations.
Read 8 tweets
CyberWatchers Profile picture
Jan 17
We tweeted in July about the development of a variant to the malware project Drovorub-A1 by Russian tech company AST (АСТ).
Drovorub-A1 was originally developed for the GRU 85th Main Special Service Center (85th GTsSS, в/ч 26165) and dubbed the 'Swiss Army Knife' for hacking Linux.
#APT28 #GRU #FANCYBEAR
US agencies warned of the threat posed in a 45-page security alert released in August 2020 and companies such as Schneider Electric offered mitigation to customers in advance of fixes to their operating systems.
media.defense.gov/2020/Aug/13/20…
Read 7 tweets
CyberWatchers Profile picture
Oct 4, 2022
We have become aware of a large #ICS/#SCADA malware project apparently conducted under a state contract on behalf of the Russian General Staff Main Intelligence Directorate (#GRU), Main Centre for Special Technologies (#GTsST), military unit 74455.
This military unit also known as #Sandworm is located at the GRU Ulitsa Kirova facility in the Khimki suburb of Moscow. In the past Sandworm has targeted ICS/SCADA, one of the most renowned being the #INDUSTROYER2 hacking attempt of a Ukrainian electrical substation in April 22.
The ongoing project is to cost more than 100 million rubles across three phases and undertaken by several technical defense contractors.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(