Two big Russian companies in the oil industry were hacked

This morning, the hacktivist group Anonymous claimed responsibility for an alleged cyberattack against two large Russian companies, stealing a large amount of data and making it available for download on various online forums.

According to the report, the first of the firms targeted is Moscow-based MashOil, which designs, manufactures and maintains equipment used in the drilling, mining and fracking industries. Anonymous would have stolen up to 110 GB of information from the company’s systems.

The leaked information would include up to 140,000 emails that can be downloaded via torrent and are available on the official website of Distributed Denial of Secrets (DDoSecrets), a non-profit organization in favor of transparency and disclosure of information of interest.

The Twitter account @YourAnonNews, used by the hacktivism group to publicize its activities, also confirmed the incident.

RostProekt, the second company attacked, is a construction company based in the Russian city of Ivanovo. In this case, the hackers claim to have carried out the attack during the past weekend, stealing 2.4 GB of email records. As in the first attack, the files can be downloaded from the official website of DDoSecrets.

The attack on RostProekt was originally confirmed through the Twitter account @DepaixPorteur, allegedly affiliated with Anonymous and which also played a vital role in the cyberattack against dozens of printers in Russia, a campaign during which hundreds of messages against war and censorship were sent on Russian territory.

From the beginning of the military conflict Anonymous took sides in favor of the Ukrainians, deploying a series of cyberattacks now identified as OpRussia. These attacks involve information theft, hijacking of radio and TV signals, denial of service (DoS) attacks, and other hacking variants.

In an interview with a cybersecurity specialist, the account manager @DepaixPorteur revealed that the group is working on a large-scale data breach belonging to Russian institutions in critical branches. The group says it could leak up to 1.22 TB of sensitive data in the coming weeks if the Russian invasion of Ukraine has not stopped by then.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.