The hack of an FSB contractor has exposed details of the Russian
intelligence agency’s cyber weapons program aimed at exploiting vulnerabilities
in IoT devices.
Digital Revolution, a Russian hacking group, has claimed credit
for the April 2019 breach of subcontractor ODT
(Oday) LLC, which was working with frequent Russian Ministry of Internal
Affairs contractor InformInvestGroup CJSC, and published 12 technical documents
revealing what the FSB has dubbed the Fronton Program.
Inspired by the Mirai botnet, the program, developed in 2017
and 2018, proposes building an IoT botnet for the FSB by marshalling
devices, particularly internet security cameras and digital recorders,
that still use default logon credentials or easy-to-crack user names
and passwords, according to a ZDNet report.
Once pulled into the botnet, the devices could be used to
execute DDoS attacks. “If they transmit video, they have a
sufficiently large communication channel to effectively perform DDoS,”
the report cited an exposé
by BBC Russia as saying.
The FSB’s unit No. 64829, or FSB Information Security
Center, apparently placed a procurement order for the project.
This isn’t the first time the FSB has suffered
an embarrassing breach. Hackers reportedly stole
7.5 TB of data from the intelligence service’s contractor SyTech, which
revealed details on several of its activities or prospective projects,
including the collection of information on users of social media services, Tor
and P2P networks.
SyTech has worked for FSB’s radio-electronic intelligence unit 71330 since 2009. The
July 13 breach reportedly exposed details on “Nautilus,” a plan to gather
information on users of Facebook, MySpace, LinkedIn and similar services;
“Nautilus-S,” a project to deanonymize Tor traffic using Tor servers; and
“Reward,” a scheme to secretly penetrate P2P networks.