Almost a month after a cyber attack on the Russian space agency Roscosmos, it was revealed that the hackers used the Kremlin’s drug against them.
According to The Telegraph, hackers linked to Anonymous – Network Battalion 65 or NB65 – had revealed last month that they had stolen a ton of files from the Roscosmos. They had stated that Russian President Vladimir Putin “no longer has control over spy satellites”. To prove they had the files, the group even shared a tweet claiming to be server information from the Russian space agency.
JUST IN: Hackgroup ‘NB65’, affiliated with #Anonymously has shut down the control center of the Russian space agency Roscosmos. #Russia no longer has control over their own Spy-Satelites. #OnRussia#OnKremlin#FreeUkraine#FckPutinpic.twitter.com/1iZBDN48rw
— Anonymous TV ???????? (@YourAnonTV) March 1, 2022
Now, a month later, some of the files downloaded from the server and uploaded to the Internet have been analysed. Citing Intezer Analysis, The Telegraph reported that 66 percent of the source code of one file was “of the same code as Conti”, a Russian cybercrime ransomware that wreaks havoc on IT systems around the world.
The group that invented “Conti” had used the ransomware to extort millions of dollars from the United States and Europe when their cyberattacks targeted hospitals and health services. The hackers who used ‘Conti’ had even expressed support for Russian leader Vladimir Putin and warned that it will retaliate if cyber-attacks are launched against the Kremlin.
Now, however, the Intezer Analysis examined the source code of the NB65 hack on Roscosmos and revealed that the hackers were using Conti’s drug against them. The anonymous hackers were able to retrieve the source code for the cyber attack after it was uploaded to VirusTotal, which helps detect malware and ransomware around the world.
According to The TelegraphWilliam Thomas, a cybersecurity expert at Curated Intelligence – a research organization, said, “We know that NB65 created a modified version of Conti thanks to the preview on VirusTotal.”
Meanwhile, it is imperative to note here that when the Western hackers announced last month that they had broken into Roscosmos, the space agency downplayed the attack. The director general of Roscosmos, Dmitry Rogozin, had tweeted that nothing had happened. “The information from these crooks and petty crooks is not true,” he had said, adding that “all our space activity control centers are operating normally.”
The information provided by these scammers and petty scammers is not true. All our space operations control centers are operating normally. https://t.co/MY0qzlLqCI
— (@Rogozin) March 2, 2022
Furthermore, the Russian official even said that the Kremlin would consider hacking satellites a justification for war. But the infamous hacking group Anonymous continues to launch a series of cyber attacks in retaliation for Putin’s invasion of Ukraine. On Tuesday, the group again urged to continue hacking and releasing confidential information until Russia pulls out of its offensive.