Anonymous Release 10TB Leaked Data Exposing Kremlin Assets, Russian Businesses (trendsnewsline.com)
The files "Vulnerabilities/Fetched Data.txt" appear to be output from an automated security scanner that targeted public-facing web servers. Some directory labels are inaccurate. For instance, a company listed as a crypto exchange—Cryptopro—is actually an IT consulting firm focused on cryptography and PKI.
A number of Word, Excel, and PDF files containing corporate reports and similar materials appear to be publicly accessible online and even indexed by search engines. I was able to locate several by searching their titles.
One file, "Part 1/Report those Russian ringleaders/russRingleadersPerDFUNAFO.txt", seems to be the likely source of the "Kremlin Assets in the West" mention. It’s a brief list of Twitter accounts and may have been assembled through open-source intelligence methods.
While the leak might contain some mistakenly published or sensitive material, I didn’t come across anything as significant or dramatic as implied by the article linked.
Also, why a PNG?
2022-12-02 10:25:11 ....A 10530 10092 Leaked Data of corrupt officials/Part 1/Leaked Data of Kanye West's Instagram account/IP, Port, Hostname.png
2022-12-02 10:26:08 ....A 39852 37635 Leaked Data of corrupt officials/Part 1/Leaked Data of Kanye West's Instagram account/SSL info.png
2022-12-02 10:27:01 ....A 124662 114729 Leaked Data of corrupt officials/Part 1/Leaked Data of Kanye West's Instagram account/Vulnerabilities.png
Some bank data seems to be exposed here (internal control panels), but in other cases it's just a dump of public website HTML? 10TB seems just plain wrong (didn't bother downloading the whole thing, though).
Clever. Instagram is an image hosting platform. At the firewall, guards watching the network traffic wouldn't notice png encrypted screenshots of cracked IP addresses being exfiltrated, drifting in plain sight in the usual pixel streams.
A lot of ways to hide nasty surprises in such a file, too.
I create new accounts because I spend too much time on HN...
I suggest downloading stuff because I assume people on HN are well equipped to check it out.
Click yourself some cheap VM in the cloud, download it, check it out. Cost involved? $10
Do you expect journalists with less IT knowledge to do this? I mean yeah they can and should but people on HN should do too
Fake German detected. A true one would write "I'M A Software Engineer In Germany".
People that engage in tax fraud in places like Mexico and Russia often legitimately do it because they do not want the mob/cartels to find out how much money they have and then extort them. The data gets out.
Just a question I asked below. That's the size column in WinRAR (left of the Compressed column). Is it by coincidence also the number of files?
Did anything even happen after the Mossack Fonseca law firm was hacked? All I remember was a few people stepping down from govt positions, some rich folks get caught in the xfire (some football player used them).
But nobody went to jail.
Yes, the journalist who reported on it was killed
https://en.wikipedia.org/wiki/Daphne_Caruana_Galizia#Panama_...
Do you really think a WordPress website from India posting obvious fake news and conspiracies should be trusted?
Do you think the source that brought you this is reliable in any way: https://archive.ph/8RGAb "Shocking Footage: Hunter Biden & Ellen Caught in Adrenochrome Bust!"
Depends. Does it validate my Russian collusion delusion?
https://pbs.twimg.com/media/GomVrWxWMAA5S-_?format=jpg&name=...
[edit] site down - reddit link to the 10tb
https://www.reddit.com/r/worldnews/comments/1k0h9uu/anonymou...
Also x link to data
Somehow feels like a great way to get a bunch of people to download a rar with a zero day
https://blog.google/threat-analysis-group/government-backed-...
I also do not understand how Anonymous would sift through 10TB to confirm the validity of the claims.
Don't just download it on your Windows home PC with your private data of course.
I really despise these things where it's a drop n run, and all these yahoos in the comments just talk oblivious towards the fact that the person who submitted it remains silent about it..
like... this looks like a sweaty guessing game with everyone in the comments, especially over something that's very likely just troubled/plagued assets to begin with
like, just ask the dude who submitted the shit about more information first or something
- As pointed out by constantcrying, this was published by Trendsnewsline, "an Indian right wing conspiracy news website": https://archive.ph/8RGAb
- New account Sonnigeszeug encouraging downloading of the archive
I'd recommend you avoid downloading anything unless you understand the potential consequences. Ideally do so in a sandboxed environment.
So the vulnerability is not in WinRAR, but rather in the ShellExecute Windows code that desperately tries to find something else to run when asked to execute a file that does not exist.
As my security officer says at $dayJob, "having a security hole there for thirty years does not make it somehow less of a security hole".
Also yes, that's the file size column. Uncompressed left, compressed right. It's a directory but the screenshot doesn't say how many files it contains.
An unknown threat, potentially from the supposed nation-state target itself, has a very high risk.
I'm not versed in creating ultra-sterile lab conditions -- things can escape VMs, escape your network, nothing is impossible. Do I instead bring it to my employer's systems and let them take the risk? And to what benefit, when I can just wait?
We are experts on HN. If we don't do it, others with less knowledge might or might not.
And no, an archive file doesn't just include a zero day. A zero day is very valuable.
I suppose it is a bit hard to find hardware without integrated Wi-Fi these days. Maybe taking an SBC (Pi or whatever) and wrapping it in tinfoil would work?
I'm aware I'm being cautious to the point of paranoia, but anything with the Russian gov is just not something I feel like learning about the hard way, even if I think I'm able to make such a safe environment.
Edit as I can't reply: your behavior is quite suspicious and so are some of the new green users commenting. That is exactly what someone embedded in the hacker culture would conclude after analyzing, not feel challenged by you to hurry and open the files.
*account details look odd, copying and pasting AI summary of article
Click yourself any server anywhere, download it, analyse it, share your findings.
Obvious honeypot is obvious. If you want (technical) people to download your malware you're gonna have to do better than this.
If people on HN, knowing how things work, are skittish, what will normal people do? Even less.
I clarified the effort and that we all should do it because we are probably the best people to do so.
AWS is expensive, in my mind, because of stuff like this. They don't want you to mirror it on AWS, so egress is expensive. The $/GB/month storage fees it'll cost to store this while exploring it are not cheap, either. And once you have an idea of the data you want to move out of the gap, you want to process/extract it quickly (because of $/GB/month costs...)
I just thought about a spare machine I have with a 12TB spindle and an SSD not plugged into a network.
I understand how to airgap, and unless something can magically worm its way through HDMI that's probably how I'd get data out, just to be annoying to everyone. To be fair.
It's not necessarily about storing it long-term, it's about 'looking into it'.
I don't get the airgap thing though at all. There is a very minimal chance that this contains a zero day. The idea of a zero day is that you can attack systems and you sell it to people who have high profile targets or systems.
Some random person downloading leaked data, which everyone can download, is not a real target for a zero day.
And a zero day which breaks random unpacking tools and your VM/system would be worth even more.
This is the equivalent of your grandma thinking you're a tech genius because you can restart the router. The skills required for this kind of work are specialised.