NRA Hackers Target the Kremlin; Large Chunk of Data Stolen in Bid to Overthrow Putin Regime

The Kremlin has been targeted by hackers, who have stolen a large chunk of data from its systems. Bank accounts, personal accounts as well as sensitive employee information, and others have been stolen from the network of Unisoftware, a company that develops and implements web applications and desktop systems linked to the Kremlin. The ransomware attack is a coordinated effort by the members of the National Republican Army (NRA) to overthrow the regime led by President Vladimir Putin.

The NRA hackers claimed to have stolen copies of all of Unisoftware's data, including the likes of credentials for bank accounts and personal accounts as well as sensitive employee information, according to Daily Star.

BitMart Hacked

Large Data From Unisoftware And Its Govt Clients Compromised

The NRA has claimed that they have stolen a large data from Unisoftware and its government clients which include banking and personal account credentials, employee information, phone numbers, addresses, contracts, and proprietary code for Unisoftware clients and software.

"Putin needlessly sending our young men to die in an unjust war waged against Ukraine that has resulted in the slaughter of innocent civilians, including women and children," a member of the group told Kyiv Post.


NRA Hackers Still Inside Unisoftware Systems

The Post confirmed the hacking after it received data from the NRA related to several Russian clients. The NRA stated that the company thought they have kicked them out and fixed the machines but they are still in their systems and have been there for months.

"They don't understand that we are still there, and have been there for months, and will continue to terrorize them for helping maintain the Putin regime," a member told the Post.

Russian IT Retail Giant DNS Also Targeted

Apart from the government clients, the NRA has targeted other clients of Unisoftware. But they have not released any material related to that. It's believed that Russian IT retail giant DNS could have been their target as DNS confirmed earlier this week that it was breached.

The DNS had clarified that the passwords and bank card data were safe, but information related to customers and employees had been compromised.

"We see that the attack was carried out by a group of hackers. Hacking was carried out from servers located outside the Russian Federation. We have already found gaps in the protection of our information infrastructure and are working to strengthen information security in the company," said DNS earlier this week, according to Infosecurity.

Read more

This article was first published on October 7, 2022