Revenge of the Hackers: How Anti-Kremlin Activists Took Down a Russian Prison System
MOSCOW — In the wake of opposition leader Alexey Navalny’s tragic death in a Russian prison in February, a group of anti-Kremlin hackers wasted no time seeking justice.
Utilizing their access to a computer network linked to Russia’s prison system, the hackers boldly displayed a photo of Navalny on a hacked prison contractor’s website, as confirmed by interviews, screenshots, and data obtained by CNN.
“Long live Alexey Navalny!” exclaimed a message on the compromised website, accompanied by a snapshot of Navalny and his wife Yulia at a political rally.
In a shocking breach of security, the hackers also managed to obtain a database containing details on hundreds of thousands of Russian prisoners and their connections, including data on inmates at the Arctic penal colony where Navalny tragically passed away on February 16.
The diverse group of hackers, which includes Russian expatriates and Ukrainians, are now sharing this information, such as phone numbers and email addresses of prisoners and their relatives, in hopes of shedding light on Navalny’s untimely demise, as revealed by a hacker involved in the breach speaking to CNN.
Furthermore, the hackers exploited their access to the Russian prison system’s online commissary, where families purchase food for inmates, by altering the prices of items like noodles and canned beef to just one ruble (around $0.01), as evidenced by screenshots and videos posted by the hackers.
Typically, these products cost over $1.
It took several hours for the online prison shop’s administrator to notice the influx of customers purchasing items for mere pennies, according to the hacker, and three days for the IT staff to fully rectify the hacker-induced discounts.
“We watched the access logs and witnessed a rapid increase in customer purchases,” the hacker shared in an online chat with CNN, providing corroborating data to confirm their involvement in the cyberattack.
The hackers claim the database contains information on approximately 800,000 prisoners and their connections. CNN’s analysis found some duplicate entries but confirmed that it still includes details on hundreds of thousands of individuals, with multiple prisoner names matching those currently in Russian prisons based on public records.
The online prison shop in question, owned by the Russian state and officially known as JSC Kaluzhskoe, serves 34 regions in Russia, as per Russian business records reviewed by CNN.
CNN has reached out for comments from JSC Kaluzhskoe, Russia’s Federal Penitentiary Service (FSIN), and the website administrators reportedly outsmarted by the hackers.
Uncovering the Truth: The Aftermath of the Navalny Cyberattack
On February 19, following the hackers’ defacement of the website with Navalny’s image, JSC Kaluzhskoe acknowledged a “technical failure” on the Russian social media platform VK, attributing it to incorrect pricing for food and essential items.
Tom Hegel, a cybersecurity expert at SentinelOne, affirmed the authenticity of the leaked data, indicating that it likely originated from the breached prison shop.
The hackers had “full-blown access to get it all,” Hegel stated, noting the extensive imagery and data provided in the cyberattack.
After sending warnings to the online prison shop administrators not to remove the pro-Navalny messages, the hackers resorted to destroying one of the administrators’ computer servers when their demands were ignored, as claimed by the hacker.
Navalny, known for his outspoken criticism of Russian government corruption, passed away under mysterious circumstances in a prison located 1,200 miles northeast of Moscow on February 16. The US has held Russian President Vladimir Putin accountable for Navalny’s death, according to President Joe Biden.
With politically motivated hacking, or “hacktivism,” on the rise since Russia’s invasion of Ukraine, various groups have engaged in cyber retaliation. Ukrainian hackers released internal data from a Russian ransomware gang post-invasion, revealing alleged ties to Russian intelligence.
The war in Ukraine has ushered in a new era of hacktivism, noted Hegel, enabling diverse groups to express their views and influence the ongoing conflict through cyber means.
The hackers behind the online prison shop breach conveyed a poignant message on the compromised website, declaring their departure from Russia until the country is liberated from the Putin regime, pledging to persist in their fight for change. — CNN
