Ukraine ‘Blackjack’ Hackers Hit Jackpot in Russia | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

A Ukrainian hacking group linked to the country’s main spy agency has stolen construction plans for more than 500 Russian military sites, Ukraine’s military intelligence agency, the GUR, said Friday.

The group, dubbed “Blackjack”, which has previously been linked to the Security Service of Ukraine (SBU), hacked into a Russian state enterprise involved in construction work for President Vladimir Putin’s military. Blackjack was able to obtain more than 1.2 terabytes of classified data. Newsweek has contacted Russia’s Ministry of Defense for comment by email.

Russian President Vladimir Putin (right) attends a meeting with Russia’s Defense Minister Sergei Shoigu (left) in Saint Petersburg, on December 25, 2023. A Ukrainian hacking group linked to the country’s main spy agency has stolen construction plans for more than 500 Russian military sites.

This data includes the maps of more than 500 Russian military bases across Russia and in regions in Ukraine that Putin has occupied. This includes military headquarters for the Russian Army, air-defense installations, and weapons arsenals.

“Critically important information about Russian military facilities that have already been completed, are at the stage of construction/reconstruction, or are planned for construction, was transferred to the Security and Defense Forces of Ukraine,” the GUR said on its website.

The GUR added that, as part of Blackjack’s cyber operation, all the stolen data was deleted from seven Russian servers. Ukraine’s news agency Interfax said the hackers also disabled 150 computers.

“In fact, Russian special construction workers were left without the entire array of data and backup copies of information. Now they will have to build new facilities by memory,” sources in Ukraine’s law enforcement told local publication Ukrinform.

The development comes days after the hacker group was reported to have carried out a cyber attack against the Moscow internet provider M9 Telecom. It left Muscovites without internet access, Ukrinform reported at the time.

The publication cited an unnamed source as saying that it was a warm-up attack before a larger one, which would be carried out to take revenge on Russian hackers who infiltrated Ukraine’s communications giant Kyivstar in 2023. Newsweek has yet to verify the source’s claim.

In that attack, Russian hackers had gained access to the private company’s system from at least May 2023. They sought to gather intelligence and land a psychological blow, Illia Vitiuk, head of the Security Service of Ukraine’s (SBU) cybersecurity department, told Reuters earlier this month.

Some 24 million users were left without service for days, starting from December 12. Kyivstar, Ukraine’s largest electronic communications operator, said in December that it had fallen victim to a powerful attack by hackers that caused a “technical failure that resulted in mobile connection and internet access services being temporarily unavailable.”

“This attack is a big message, a big warning, not only to Ukraine, but for the whole Western world to understand that no one is actually untouchable,” Vitiuk said.

Do you have a tip on a world news story that Newsweek should be covering? Do you have a question about the Russia-Ukraine war? Let us know via [email protected].