Sunday, Dec 04 2022
All Cities
Choose Your City
'What happens in Sibera stays in Siberia...unless it is covered by The Siberian Times'

Small Siberian city tarred with housing world's biggest password hacking gang

By Anna Liesowska
06 August 2014

Allegations from US cybersecurity firm contain no proof, and only slender detail.

The hacking allegedly involved 'any website, ranging from Fortune 500 to very small'. Picture of Gorno-Altaisk: The Siberian Times

Claims aired by The New York Times appear to indicate the gang operated in the tourist city of Gorno-Altaisk - gateway to the Altai Mountains.

It is alleged a crime ring 'amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses,' said the newspaper, citing Hold Security, a US company based in Wisconsin. 

'If they put the wonderful tourism of the Altai Mountains on the map for international travellers, they will do us a favour,' said one local official. 'But there seems something sinister in making these allegations which as far as we know have not even been examined by police.'

In fact, the newspaper which prides itself on accuracy did not name the city but dropped a heavy hint.

'The hacking ring is based in a small city in south central Russia, the region flanked by Kazakhstan and Mongolia,' alleged the newspaper. 

'The group includes fewer than a dozen men in their 20s who know one another personally - not just virtually.

'Their computer servers are thought to be in Russia'.

Only one Russian region borders BOTH Kazakhstan and Mongolia, and this is the Republic of Altai, though if the newspaper does not mean what is implied, it is to be hoped it will clarify the alleged location. Altai Republic's capital Gorno-Altaisk is the only city in the republic, and is the stepping off point for some of Siberia's most stunning scenery, as our pictures demonstrate.

Until now it has been known neither as a crime hotspot nor a centre of international hacking. 

Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang


Small Siberian city tarred with housing world's biggest password hacking gang

Gorno-Altaisk is the stepping off point for some of Siberia's most stunning scenery. Pictures: Svetlana Shupenko

'The records, discovered by Hold Security, a firm in Milwaukee, Wisconsin, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

'Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. '

The paper requested that an independent security expert not affiliated to Hold Security should 'analyze the database of stolen credentials and confirmed it was authentic'. 

The paper added: 'Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.'

The hacking allegedly involved not only large companies but 'any website they could get, ranging from Fortune 500 companies to very small websites', said Alex Holden, the founder and chief information security officer of Hold Security.

'There is a division of labour within the gang,' Holden was quoted as saying. 'Some are writing the programming, some are stealing the data. It's like you would imagine a small company; everyone is trying to make a living'.

Russian sites were also hacked, it was claimed. 

'So far, the criminals have not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work. But selling more of the records on the black market would be lucrative.'

The group is alleged to have begun as 'amateur spammers' by buying stolen databases on the black market.

Russian IT experts do not rule out that such an attack is possible, but believe it is unlikely that it could be undertaken by a group of hackers operating from the Altai Republic. Information security expert Sergey Kirillov questioned whether in the Altai Republic there is a sufficient number of qualified personnel who could crank up such an operation.

Besides, he argued, such massive network activity would be noticeable for the intelligence agencies. 

Kirillov argued it was possible that the head of Holt 'understands that the relationship between Russia and the United States is now strained, news on this topic can be popular, and as a result he got good, probably free, publicity in one of the major US newspapers, and around the world. 

'Now he will convert all this the buzz into new orders for information security'.

Comments (1)

Nice job of unbiased independent news coverage.... Not!
Savta, Netherlands
07/08/2014 03:38
1
0
1

Add your comment

We welcome a healthy debate, but do not accept offensive or abusive comments. Please also read 'Siberian Times' Privacy Policy

Name

Town/Country

Add your comments

The views expressed in the comments above are those of our readers. 'Siberian Times' reserves the right to pre-moderate some comments.

Control code*

Type the code

* obligatory


News

Business

The Bank of Russia official exchange rates of foreign currencies
EUR64.99USD61.77GBP75.78Other...