Anonymous has unleashed a successful cyber war to undermine Putin’s Ukraine invasion

March 18, 2022, 7:53 PM UTC
Portrait of man with digital tablet
Yagi Studio—Getty Images

Soon after Putin’s invasion of Ukraine, Anonymous declared a cyber war on Russia. 

The hacktivist collective has claimed responsibility for disabling government, corporate, and news websites.

Anonymous has claimed that it successfully infiltrated Russian state TV to show citizens the devastation of Putin’s invasion of Ukraine. It also leaked emails and files from government agency Roskomnadzor, responsible for censoring Russian media.

Anonymous has since gained the support of more than 500,000 followers on its Twitter account, which now boasts more than 7.9 million followers. 

A study conducted by Jeremiah Fowler, the co-founder of the cybersecurity company Security Discovery, finds that Anonymous’ claims of hacking Russia are accurate. Attacks on Russian servers and websites coincide perfectly with Anonymous’ hacking timeline.

Anonymous hacks Russian databases

92 out of 100 Russian databases analyzed had been compromised, and file names were changed to “Glory to Ukraine,” “Putin stop this war,” “stop war,” “no war,” “HackedByUkraine,” and other pro-Ukrainian messages.

Most of the files reviewed in the databases were wiped out. Hacktivists used a script resembling the “MeowBot,” which deletes the content of files and changes their names. 

One of the compromised databases was The Commonwealth of Independent States (CIS) which is made up of 11 republics and used to coordinate information on finance, trade, lawmaking, and security between member states. Hundreds of files in the database were renamed to “putin_stop_this_war.” Emails and weak administrative credentials were also leaked.

Another compromised database contained information that belonged to retailer Leroy Merlin, a French home improvement and gardening company. This database had security, analytics, authorization, administrator credentials, internal passwords, and logging data. Like the other databases, files were renamed to pro-Ukrainian messages.

Green Dot’s database, which provides TV and internet services to 18 cities across Russia, was also exposed. While a small number of files in the database were renamed, they weren’t deleted. Hackers, however, could have still gained enough information to target other areas of the network.

Hacking Russian state websites

Reports claim that Anonymous has disrupted the websites of Gazprom (an oil giant,) RT (a state-sponsored news channel,) and shut down the Control Center of Roscosmos (the Russian Space Agency.)

The group also posted to their Twitter account that they have hacked live streams of dozens of CCTV cameras inside Russia, plastering “Putin is killing children” and other messages across the screens. 

To counter this, the hackers have created live feeds of the security cameras located in businesses, schools, restaurants, and offices and called them “Behind Enemy Lines” and shared this on their social media.

Censorship in Russia leaves little room for opposition, and Russians who live outside the country have not kept quiet about their discontent with the invasion of Ukraine. 

Cyberattacks are a way to create significant disruptions regardless of location. Furthermore, repercussions are not legal or physical, and they are hard to defend because it is hard to identify the source of cyber attacks.

Russia’s cyber war history with Ukraine

Russia also has a cyberweapon called “Uroburos,” which alludes to infinity, or a cyber-attack with no end. Days before Russia attacked Ukraine, the country was targeted with “HermeticWiper,” a malware that prevented computers from rebooting, and appeared to only target devices with Ukrainian language keyboards. 

This wouldn’t be the first time Russia unleashed cyber attacks on Ukraine. In 2013, public and private information systems were attacked, then in 2015 and 2016, Russia disabled Ukraine’s power grid. That same year, they hacked the State Treasury of Ukraine, and the following year, they attacked the supply chain. Finally, the latest attack came in January when government websites were hacked.

More false claims from Russia

In recent weeks, a pro-Russian hacktivist groups claimed that it shut down the anonymous website to counter Anonymous’ attacks and credibility. However, Anonymous doesn’t have a website.

Is Anonymous in danger?

Many secret keys linked to the email server “mail.ru” were found during the study. Secret keys are a piece of information or framework used to encrypt and decrypt messages. This can pose a future danger because they can be misused to expose sensitive information or data. 

While conducting offensive cyber warfare might seem like a noble cause, the hackers might be engaging in criminal acts without government authority.

Regardless, Anonymous has gained many followers and received thousands of supportive messages and likes on their social media accounts. 

Never miss a story: Follow your favorite topics and authors to get a personalized email with the journalism that matters most to you.