Anonymous Lays Waste To Russian Message Board, Releases Entire Database Online

Even as Russia brings suffering and sorrow to the people of Ukraine, hacker-activists are trying to bring some pain to Russians inside Russia. In that battle which is waged away from the public eye, no attack is too small. So Anonymous, a decentralized international activist and hacktivist collective, which has carried out several cyber attacks inside Russia, attacked a Russian message board, or internet forum, acquired user information and leaked the entire database online.

The hack, launched by KiraSec, a cybersecurity group of hacktivists working as an Anonymous operative, is an act of harassment against Russia for its invasion of Ukraine, which started in February. "The reason we have hacked this Russian forum is the same reason for our previous hacks and takedowns," AnonZenn, one of the leaders of KiraSec, told International Business Times in an exclusive interview.

"Russian citizens are blind to the reality due to Russian propaganda spewed by Putin and the Kremlin," he pointed out. While Russia was feared for its prowess in cyber warfare, Anonymous and other hacker groups has now shown it is only a paper tiger. And the group, which has carried out several spectacular cyber attacks against Russia, did not have a hard time hacking the Russian internet forums Expat.ru and forum.expat.ru.

"It was vulnerable to a multitude of different exploits and that it had open ports a secure website shouldn't," AnonZenn said. Whether Russians became too complacent because of its "unmatched" cyber proficiency, or everything was just propaganda is not clear but Anonymous found its way into the database and got its hands on confidential details, including the usernames and passwords, easily.

"We picked one of the exploits, which happened to be an injection of malicious code and exploited it. Once inside of the forum's database and admin account I immediately saved everything," AnonZenn disclosed.

The team also discovered a table that contained 3,600 accounts including "email, username, password, posts, date joined, including the admin's password (which was moscow00)." AnonZenn explained that while the passwords were hashed, it was only in MD5 (a cryptographically broken but still widely used hash function producing a 128-bit hash value), which for Anonymous is "very basic and extremely easy to dehash." It only took them a few seconds to know the hashed passwords.

For all their reputation on cyber security and hacking, the Russians were careless. The hacktivist said "they had the hashed password,and the clear text password right under it," which is a total giveaway because even if you do not know how to dehash, the password is just there. Anonymous shared that the Russian forum "not only has terrible security but the way they handle their users' info is absolutely insecure and laughable."

Anonymous then started logging into the accounts and posted "every single thread on the forum with different messages." Some posts trolled the Russians while others abused Russian President Vladimir Putin and had a link to a Ukrainian song.

Anonymous also changed the forum's location to Ukraine, changed some profile pictures to KiraSec's logo and messaged all the members via DM about Ukraine and Anonymous hacking their accounts. The forum's admins failed to stop the posts. The hack may seem nothing remarkable, but Anonymous said "this opens a world of chaos for the site owner."

Anonymous has published online all the user data it has laid its hands on.

KiraSec has taken down hundreds of Russian websites, Russian banks like alfabank, bank.yandex.ru, pro-Russian terror-leaning websites, Russian pedophile websites, Russian government websites, Russian porn sites and a lot more.

The cyber activists also "hacked various Russian SCADAs and ICS, nuking their systems and completely destroying their industrial machines."

KiraSec is also working with DarkLulz, another Anonymous hacktivist group that is very active in OpRussia and in OpBRICS. It is an operation similar to OpRussia but its scope extends to countries helping Russia with the war.

"Hopefully, with enough hacktivists targeting Russia and spreading this message it'll at least open the eyes of a few Russians caught in the crosshairs," Anonymous' AnonZenn said.