A hacker claiming affiliation with the decentralized international hacktivist collective Anonymous claims to have breached and leaked the database of Russian telecoms and censorship agency Roscomnadzor. The 820GB trove reportedly contains over 360,000 files and while it is yet to be examined in detail, may yet blow open Russia's draconian pirate site and media censorship operation.

hackerFor many years we’ve been reporting on efforts by Russian authorities to restrict access to internet content deemed ‘dangerous’ by the state.

Our focus has been on the relatively tight niche of copyright issues. These typically involve Russian telecoms agency Roscomnadzor and the use of powerful filtering and detection systems to block pirate sites that stubbornly refuse to remove movies and TV shows.

Importantly, the same systems can be used to block almost any website or service that runs contrary to the Kremlin’s vision for Russia, Tor included.

Those powers have been increasingly on display since Putin’s invasion of Ukraine. After the authorities passed a law that effectively outlaws honest journalism with penalties of up to 15 years in prison, Roscomnadzor went on to block Twitter, Facebook, and any news outlets that failed to toe the state propaganda line.

Censorship-busting VPNs also came under renewed attack in an effort to prevent accurate reporting from reaching the country. But now, as Russian forces face stubborn resistance in Ukraine, Roscomnadzor itself has been violated.

Anonymous ‘Hacks and Breaches’ Roscomnadzor
In an announcement posted Thursday on Substack, transparency group Distributed Denial of Secrets reveals that a source claiming affiliation with the decentralized hacktivist collective Anonymous has managed to gain access to a trove of Roscomnadzor data.

According to DDoSecrets, the data came from Roscomnadzor in Bashkortostan, the most populous republic in Russia with around four million people. It’s a big trove – 820GB of data spread across hundreds of thousands of files in tens of thousands of directories – so it will take time to properly examine what lies inside.

But, for now, DDoSecrets provides a brief rundown.

What’s In The Leak?
The release of the leaked data comes in two parts. The first, containing 363,994 files in 43,593 directories, reaches a total of 526.9GB. It also contains fresh data, with some files as recent as March 5, 2022, i.e more than a week into the invasion.

The second part is said to be two directories containing raw data files in proprietary formats for two databases, together exceeding 290GB. DDoSecrets say they will release the raw data while they find for solutions to extract the data. According to early assessments, one database relates to legal issues while the other could be related to HR procedures.

It appears that DDoSecrets wants to make the files public now to ensure that Roscomnadzor’s work is quickly accessible to Russian citizens, in case the state decides to follow through with its threat to launch the ‘Sovereign RuNet’. If that is implemented, it could mean that Russia disconnects from the wider internet.

Reaching Out To Ordinary Russian Citizens
“The source, a part of Anonymous, urgently felt the Russian people should have access to information about their government. They also expressed their opposition to the Russian people being cut off from independent media and the outside world,” the announcement reads.

“We are publishing this release in anticipation of Russia potentially being cut off from the global internet on March 11, and hope Russians will have time to download this data, before then.”

The Substack post can be found here and the leaked data here. Appropriately, given their resistance to blocking, torrents and magnet links are provided to access the data. Any potential downloaders should check the advisories first, to ensure they do not succumb to malware and phishing attempts