Security News > 2023 > March > Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons

An unidentified whistleblower has provided several media organizations with access to leaked documents from NTC Vulkan - a Moscow IT consultancy - that allegedly show how the firm supports Russia's military and intelligence agencies with cyber warfare tools.

According to The Guardian, this latest whistleblower chose to distribute the secret Russian documents due to anger over Russia's bloody invasion of Ukraine and a desire to see the information reveal some of what is going on inside Russia.

The files, reportedly confirmed by five Western intelligence agencies, describe various Russian hacking tools implicated in major security incidents - such as a reported blackout in Ukraine, and the disruption of the Olympics in South Korea - and in the creation of the infamous NotPetya malware.

"The documents detail project requirements contracted with the Russian Ministry of Defense, including in at least one instance for GRU Unit 74455, also known as Sandworm Team. These projects include tools, training programs, and a red team platform for practising various types of offensive cyber operations, including espionage, IO , and operational technology attacks."

In 2020, the US Justice Department indicted six Russian GRU officers for allegedly carrying out attacks on the Seoul Olympics, Ukraine, France's 2017 elections, and other incidents.

The leaked files also reportedly link NTC Vulkan to a Russian hacking group called APT29 or CozyBear, based on information from Google security researchers.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/03/31/vulkan_files_russia/