Russia's FSB

In April 2017, an anonymous group of hackers calling themselves Shadow Brokers published a collection of cyberwar weapons  created by the National Security Agency.

Now a group of Russian hackers has published a set of tools commissioned by Russia’s Federal Security Service (FSB), according to the BBC. (The FSB is Russia’s equivalent of the FBI.)

The hack occurred on July 13, 2019. Instead of the main page of the site of the Moscow IT-company “Sitek”, an image of a face appeared with a wide smile and smugly squinting eyes (on the Internet slang – “Yoba-face”). Defacing by replacing the main page of the site, is a common hacker tactic and a demonstration that they were able to access the victim’s data. A snapshot of “Yob-face” appeared in a twitter account registered on the day of the attack.

The material was developed at the request of a Russian military unit.

Most of the non-public projects “Sitec” performed on the order of military unit No. 71330. Experts of the International Center for Defense and Security in Tallinn believe that this military unit is part of the 16th Directorate of the Federal Security Service of Russia, which is engaged in radio-electronic intelligence.

Unlike the Shadow Brokers leak, the Sitek documents are confidential, not classified, according to the BBC.

From the archive, which the BBC Russian Service was able to familiarize with, it follows that “Sitek” performed work on at least 20 non-public IT projects ordered by Russian special services and departments. These papers do not contain state secrets or secrets.

Source: Mosquito, Nadezhda, Nautilus: hackers revealed the essence of the projects of a secret FSB contractor – BBC News