A group of anti-Kremlin hackers sought revenge shortly after the death of opposition leader Alexey Navalny in a Russian prison in February.
These hackers, who had access to a computer network linked to Russia's prison system, displayed a photo of Navalny on the hacked website of a prison contractor. This information was gathered from interviews with the hackers, as well as screenshots and data examined by CNN.
A message saying "Long live Alexey Navalny!" was found on a hacked website, along with a picture of Navalny and his wife Yulia at a political event.
In a shocking security breach, it seems that the hackers also managed to steal a database with details about hundreds of thousands of Russian prisoners and their families and friends. The hackers are saying that the data includes information about prisoners at the Arctic penal colony where Navalny passed away on February 16.
A group of hackers, claiming to be of various nationalities such as Russian expatriates and Ukrainians, have shared sensitive data online. This data includes phone numbers and email addresses of prisoners and their families. They hope that by sharing this information, someone will be able to reach out and provide assistance in understanding what happened to Navalny.
Moreover, these hackers have exploited their access to the Russian prison system's online commissary. They have manipulated the prices of items such as noodles and canned beef to just one ruble, equivalent to around $0.01. Screenshots and videos shared by the hackers show these changes in pricing on the online store.
Normally, those goods cost over $1.
This screenshot, provided to CNN by hackers claiming responsibility, shows a hacked website tied to the Russian prison system display messages of support for late Russian opposition leader Alexey Navalny.
Hackers who claim responsibility provided CNN with a screenshot showing a hacked website linked to the Russian prison system displaying messages in support of the late Russian opposition leader Alexey Navalny.
The administrator of the online prison shop took several hours to notice that Russians were buying food for pennies, as shared by the hacker involved. It would take three days before the IT staff at the prison shop could fully shut down the discounts provided by the hacker, according to the hacker’s account.
The hacker mentioned in an online chat that they were monitoring the access logs of the online store, which kept scrolling faster with more customers making purchases. They also provided data to CNN to confirm their involvement in the hack.
The hackers claim to have accessed a database containing information on approximately 800,000 prisoners and their relatives and contacts. Despite finding some duplicate entries during a CNN review, the database still holds details on hundreds of thousands of individuals. CNN was able to identify multiple prisoner names in screenshots shared by the hackers, matching them with individuals currently incarcerated in Russian prisons according to public records.
The online prison store that the hackers targeted belongs to the Russian state and is officially known as JSC Kaluzhskoe, as per Russian business records examined by CNN. JSC Kaluzhskoe operates in 34 regions across Russia.
CNN has reached out to JSC Kaluzhskoe, Russia’s Federal Penitentiary Service (known as FSIN), and the individual website administrators mentioned by the hackers for comment.
The day after the hackers hacked the website and changed it to display Navalny’s photo, JSC Kaluzhskoe made a post on the Russian social media platform VK. They explained that a "technical failure" had occurred, causing the incorrect reflection of prices for food and basic necessities.
Tom Hegel, a cybersecurity expert who has experience analyzing data dumps, confirmed that the leaked data appears to be authentic and came from the hacked prison shop. According to Hegel, the hackers had complete access to all the information. He mentioned that the amount of images and data obtained was very comprehensive.
A new era of hacktivism is emerging. Recently, a hacking group targeted the online prison shop administrators, cautioning them against removing pro-Navalny messages from the website. Despite the warning, the administrators chose to ignore the hackers' demands. In response, the hackers took action by destroying one of the administrators' computer servers.
Navalny, a popular political figure known for speaking out against corruption in the Russian government, passed away under suspicious circumstances on February 16 while in a prison located in the Yamalo-Nenets region, around 1,200 miles northeast of Moscow. According to US President Joe Biden, the responsibility for Navalny's death lies with Russian President Vladimir Putin.
Russian opposition leader Alexey Navalny appears via a video link from the Arctic penal colony where he was serving a 19-year sentence, provided by the Russian Federal Penitentiary Service during a hearing of Russia's Supreme Court, in Moscow, Russia, in January.
Alexey Navalny, a prominent figure in the Russian opposition, participated in a court hearing through a video link. He was serving a lengthy sentence in an Arctic penal colony at the time. The hearing took place at Russia's Supreme Court in Moscow in January. The video link was made possible by the Russian Federal Penitentiary Service.
Politically motivated hacking, also known as “hacktivism,” has been on the rise since Russia's full-scale invasion of Ukraine over two years ago. In response to the invasion, a Ukrainian man retaliated by leaking internal data from a Russian ransomware group, revealing their supposed ties with Russian intelligence.
Following this incident, pro-Ukraine hackers from different groups have also gotten involved. They have claimed responsibility for various attacks, such as targeting a Russian internet provider and disrupting websites that were streaming a prominent speech by Putin last year.
The war in Ukraine has ushered in a new era of hacktivism, according to SentinelOne researcher Hegel. Hacktivism has become a potent tool for various groups to voice their opinions, support their countries, target enemies, and try to sway the course of the conflict.
The online prison shop hack was accompanied by a message from individuals claiming to be Russian expatriates.
A message in Russian was found on a prison shop website on February 18, stating that IT specialists have left Russia. The message expressed their love for their country and their intention to return only when it is free from the Putin regime. They are determined to continue on this path until the end.
Editor's P/S:
The article highlights a