herm1t
@vx_herm1t
Followers
5K
Following
3K
Media
246
Statuses
851
Демократична Сокира Ukrainian Cyber Alliance VX Heaven
Joined November 2020
The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left to them
16
245
2K
PMC Wagner has announced that they have taken down the satellite provider Dozor-Teleport and damaged user terminals. Their rivalry with the RU MoD is manifesting in an unusual way. This is the second major satellite provider breach after Viasat
30
357
1K
CIA's Hive backdoor listens all traffic waiting for the encrypted packet which will trigger reverse shell. This will stress load the CPU on target. Right thing to do is to set up BPF-filter on socket (marker is x * 1/x == 1):
4
100
397
According to monitoring, Dozor is still down, and among their clients are Northern Fleet ships, a nuclear power plant, military units of the Ministry of Defense and the FSB in very remote locations. It is nice to see russians fighting amongst themselves.
4
47
312
We took down the Tver administration's network. Dozens of virtual machines, backup storage, websites, email, hundreds of workstations – all wiped out. They have nothing left. The internet is down, phones aren’t working, even the parking system is dead
10
30
274
Trigone. The servers of the Trigona ransomware gang has been exfiltrated and wiped out by @UCA_ruhate_ Welcome to the world you created for others!
10
63
269
The restoration of the core network may take from several days to several weeks, while reprogramming user equipment and fully restoring the service can take months (picture from internal dozor wiki published by hackers)
4
34
225
I think that finding firmware for equipment in the midst of Arctic ice will not be easy
3
12
188
The fact that wagneritte hackers started to 'work on ru' is simply priceless
1
14
167
They confirmed: "Last night, an attack was carried out on our infra (presumably from Ukraine). The network has been destroyed. We are restoring it from backups. There are no timelines or forecasts at the moment. Our priority is to first restore telephony and the call center"
2
7
172
In the XZ backdoor a bitmap-trie is used for searching strings. But the simplest way to serialize the tree is to record it as S-expression. And if the branches are shuffled, we get polymorphism as a side effect
6
36
171
Я знаю, все ждут постов, команд и все такое. Постов достаточно. Лучшая команду - от местного тро - какой хуйни не творить (список). И. Мы ищем доступ. Не ддос, не инфо, не дефейсы, этим есть кому заниматься. Доступы. И уже ищем. Это будет не быстро, не зрелищно, но неотвратимо.
8
26
145
⚠️ Confirmed: Metrics show a disruption to satellite internet provider Dozor-Teleport which supplies Russia's FSB, Gazprom, Rosatom and military installations; the incident comes amid a wave of cyberattacks by a group claiming affiliation with Wagner PMC 🛰️📉
2
16
102
Meanwhile, we won in court, which ruled that we have no connection to the hacking of ODS airport, and that the police must return all seized items
7
17
110
My fellow hackers an security pros you could help us here in Ukraine to #StopRussia If you knew any vulns in russian systems, contact me or @UCA_ruhate_ Together we will make Russia pay a heavy price.
10
27
90
@olliecarroll Butthurt of so called "good russians" clearly shows that our enemy is the entire russian nation, drown too deep in their jingoistic exceptionalism, so the NAFO black joke is indeed a good one.
1
3
86
dd'ing NSPK/Mir payment system twelve hours after the breach while admins watching top
3
9
87
Ukrainian authorities prohibit citizens from using Starlink to maintain internet censorship. @elonmusk, JFYI
10
22
83
"Ukraine does not conduct offensive cyber operations but does conduct defensive ones"
3
13
75
Інтерв'ю для ДОУ щодо атаки, захисту, хакерів та зловредної федерації.
4
10
70
Russian military mortgage service went down. hoster as well We saved call records the rest gone
3
11
65
Rostelecom called ongoing cyber attacks on Russia "unprecedented" and "never seen before". That's just the beginning. Russia wanted to turn back the history and will return to stone age instead.
2
17
64
Tver admins (assessing the damage):.- We have some brandy somewhere. - Not enough
2
2
68
Smart Consulting, which was developing software for government services in thirty regions of russia, was targeted by the Ukrainian Hacker Group
6
10
62
Moscow-based provider Infotel, which facilitated communication between banks and the Central Bank of russia, has experienced an unexpected failure
4
13
62
just because I'm paranoid doesn't mean they're not out to get me. a bit chilling, less chilling than "Government-backed attack alerts" (seen 'em too)
5
9
53
Unidentified persons posted data (possibly) stolen from the state portal Diia on RaidForums. And it looks real :-(
5
28
61
Sanctioned russian company "PSB Innovations and Investements" (miltech) was hacked by UHG
2
11
62
Sample data from carmoney 1k records, full set is 12TB of highly senitive PII, photos, credit cards and credit histories
1
3
63
We at @UCA_ruhate_ have hacked one of the most important departments in Russia - the prison one. Let's start with "FSIN-Letter". Each letter has both the sender and recipient, and as you can see by the numbers, we have a lot of such letters. Sample
2
11
46
Did they did some? If so, this is a new, unknown type of offensive in military science – completely harmless and undetectable by the enemy :-)
4
6
56
ℹ️ Confirmed: Metrics show that connectivity has collapsed on Russian internet operator Nodex, as the company reports a cyberattack from Ukraine resulting the destruction of its networks; the incident affecting fixed-line and mobile services is ongoing 📉
1
3
55
Unlike russian blitzcringe, cyber is day-to-day job to seed disruption, deception and disorder in russia. Geo-fencing will not stop us.
2
9
46
The bug in the ukrainian state portal "Diia" allows you to specify any date in the vaccination certificate
2
16
47
If I were the author of ransomware I would read inodes directly from the file system's device. Just tried it on XFS, a few hundreds lines and it's damn fast.
3
2
45
@leonidragozin The same Menendez who once said that life in Donetsk is getting better because "the bodies are removed on time".
1
3
37
Russian bots in TG trying to pretend they are ukrainians. Extremely funny :-) #підлогакраїни
4
2
38
Xaknet and Killnet are so upset by the failures of the Russian army that they hacked and mined Putin's Ferris wheel
6
7
37
Jia wanted stealth both in file and in memory. As funny as it sounds, this negatively impacted performance. If he had used a generating automaton instead, maybe no one noticed. And the code would be much simpler
1
1
42
Russians constantly complain about "leaks" happening to them, everything breaking, falling apart, and malfunctioning. And we, at the Ukrainian Cyber Alliance, have encountered a significant problem as a result. We are running out of storage space . .
1
13
40
National cryptostandards will not help ruskiez with moskva1 passwords
1
2
35
2
0
33
So called "cyberweapon" is extremely boring and bug-ridden. It's a miracle that spooks are able to achieve their goals with such lame malware :-).
1
2
37
@VZhora The result of years long efforts to improve security and resilience together with international partners. Vast experience. International cooperation. Oh, wait. .
1
1
36
Ministry of digital transformation used bot farm to flood my post about possible leak from Diia state app. Their embarrassment looks like confirmation of breach an leak
2
6
35
UHG posted a sample from five hundred databases from which holds a third of the hosting market in Russia
2
6
32
btw, if one need to open a port without modifying the firewall rules, there is nice nf_register_net_hook function.
0
3
31
A new useful book on my shelf because our russophobia is insufficient yet (thanks @alcomystic)
1
2
31
There are two types of companies: those that already know they are attack vector, and those that have not yet realized it.
1
3
30
According to Russia Today, we are using SBU to wage war on Russia. What a wonderful nahryuk :-)
5
6
29
One could use Vyssotsky rotating hash in bloom filter to find neccessary imports in symbol table
2
5
29
@UCA_ruhate_ really like places where generals, ministers and press secretaries show documents at the entrance. I think that this person does not need to be introduced. While our counterparts are doxing lockheed, we will hack a bit through the russian "decision-making centers".
1
6
25
Вы кстати можете поучаствовать в ДДоС-атаках (сделали ребята из DC) или пораскидывать по заберебрику ссылки на двухсотых захватчиков
0
13
28
Just to show that we are deep inside russian networks, techspec of their USV
1
7
28
One hundred years of modern crypto and special services and finally this :-)
3
2
26
I have been asked to assist with the purchase of 0/N-days (not for criminal activities). I am ready to act as an escrow. The client is ready to spent up to one and a half million. If you have something, drop me a line with you contact here or in TG (herm1t_ruh8).
1
14
22
btw, routine for self-removal in Hive will never work as intended due to ETXTBSY, one need to unmap running executable first before wiping
1
2
23
@vxunderground LOL! "Zip archiving and encryption using XOR method, which eliminates the possibility of reading archive files by third parties even knowing the password, for example, by intercepting data transmitted over a communication channel or when a user loses removable media"
4
2
22