Security

Hacker group defaces Russian websites to display the Kremlin on fire

Comment

A screenshot of the defacements.

A hacker group that goes by CH01 defaced a series of Russian websites on the anniversary of the invasion of Ukraine.

The hackers replaced the sites’ content with a video showing the Kremlin on fire, along with a song by a Russian rock band named Kino. The video also includes a QR code that links to a Telegram channel, where the hackers posted a message claiming responsibility for the attacks and making it clear that these defacements were politically motivated.

“Hacker group CH01 in solidarity with the entire civilized world, in order to restore justice and the triumph of the forces of light and goodness, on the anniversary of the terrorist invasion of dictatorial Russia into a strong and independent Ukraine, we declare cyber war on dictatorship and totalitarianism and the idiocy of Putin’s criminal regime. Let the prophecy come true…,” the message read, according to an online translation from the original, which is in Russian.

CH01 appears to be a brand new hacking group, as their Telegram channel only had a couple of subscribers on Thursday night, and they published their first tweet on the same day.

A source shared a list of 32 hacked websites with TechCrunch on Thursday night (Friday morning in Russia and Ukraine). It’s unclear how many sites were defaced, or how the hackers were able to deface them. In cases of mass defacements, hackers usually find a flaw in a library or service used by all the websites they target.

The hackers also created a Twitter account and posted the video on the social media app.

Among the hacked websites, there’s one bakery, a company that distributes products for farming, a restaurant, a recording studio, a company that sells delivery services and technology to restaurants in Russia, a company that makes components for mechanical engineering and agriculture and a brick maker, among others.

Only two of those websites were restored to their normal appearance after 12 hours since TechCrunch was alerted of the defacements.

The choice of the song, which is titled “A Song Without Words,” is not coincidental. Kino was one of the most popular rock bands in Russia in the 1980s, and their lyrics often included themes of freedom, even though they were not outright political.

Hacking websites to display propaganda or make a political statement is as old as the internet, and it’s something that’s been done since the war began in Ukraine as well. In the last year, there have been defacements carried out by alleged hacktivists groups against Russian websites. One of the most active hacktivist groups in the last year has been the Ukraine IT Army, a loose collection of pro-Ukrainian technologists and hackers who scored some significant wins, like taking down Russia’s largest streaming service for three days.

Even the Russian government has allegedly gotten in the game. In May of last year, a statement by Secretary of State Antony Blinken called out the Russian government for a series of “malicious cyber activity against Ukraine,” which included “website defacements.”


Do you have information about hacks in the context of the Ukraine war? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email lorenzo@techcrunch.com. You can also contact TechCrunch via SecureDrop.

More TechCrunch

The official launch comes almost a year after YouTube began experimenting with AI-generated quizzes on its mobile app. 

Google is bringing AI-generated quizzes to academic videos on YouTube

Around 550 employees across autonomous vehicle company Motional have been laid off, according to information taken from WARN notice filings and sources at the company.  Earlier this week, TechCrunch reported…

Motional cut about 550 employees, around 40%, in recent restructuring, sources say

The keynote kicks off at 10 a.m. PT on Tuesday and will offer glimpses into the latest versions of Android, Wear OS and Android TV.

Google I/O 2024: Watch all of the AI, Android reveals

It ran 110 minutes, but Google managed to reference AI a whopping 121 times during Google I/O 2024 (by its own count). CEO Sundar Pichai referenced the figure to wrap…

Google mentioned ‘AI’ 120+ times during its I/O keynote

Here are quick hits of the biggest news from the keynote as they are announced.

Google I/O 2024: Here’s everything Google just announced

Google Play has a new discovery feature for apps, new ways to acquire users, updates to Play Points, and other enhancements to developer-facing tools.

Google Play preps a new full-screen app discovery feature and adds more developer tools

Soon, Android users will be able to drag and drop AI-generated images directly into their Gmail, Google Messages and other apps.

Gemini on Android becomes more capable and works with Gmail, Messages, YouTube and more

Veo can capture different visual and cinematic styles, including shots of landscapes and timelapses, and make edits and adjustments to already-generated footage.

Google gets serious about AI-generated video at Google I/O 2024

In addition to the body of the emails themselves, the feature will also be able to analyze attachments, like PDFs.

Gemini comes to Gmail to summarize, draft emails, and more

The summaries are created based on Gemini’s analysis of insights from Google Maps’ community of more than 300 million contributors.

Google is bringing Gemini capabilities to Google Maps Platform

Google says that over 100,000 developers already tried the service.

Project IDX, Google’s next-gen IDE, is now in open beta

The system effectively listens for “conversation patterns commonly associated with scams” in-real time. 

Google will use Gemini to detect scams during calls

The standard Gemma models were only available in 2 billion and 7 billion parameter versions, making this quite a step up.

Google announces Gemma 2, a 27B-parameter version of its open model, launching in June

This is a great example of a company using generative AI to open its software to more users.

Google TalkBack will use Gemini to describe images for blind people

Firebase Genkit is an open source framework that enables developers to quickly build AI into new and existing applications.

Google launches Firebase Genkit, a new open source framework for building AI-powered apps

This will enable developers to use the on-device model to power their own AI features.

Google is building its Gemini Nano AI model into Chrome on the desktop

Google’s Circle to Search feature will now be able to solve more complex problems across psychics and math word problems. 

Circle to Search is now a better homework helper

People can now search using a video they upload combined with a text query to get an AI overview of the answers they need.

Google experiments with using video to search, thanks to Gemini AI

A search results page based on generative AI as its ranking mechanism will have wide-reaching consequences for online publishers.

Google will soon start using GenAI to organize some search results pages

Google has built a custom Gemini model for search to combine real-time information, Google’s ranking, long context and multimodal features.

Google is adding more AI to its search results

At its Google I/O developer conference, Google on Tuesday announced the next generation of its Tensor Processing Units (TPU) AI chips.

Google’s next-gen TPUs promise a 4.7x performance boost

Google is upgrading Gemini, its AI-powered chatbot, with features aimed at making the experience more ambient and contextually useful.

Google reveals plans for upgrading AI in the real world through Gemini Live at Google I/O 2024

Veo can generate few-seconds-long 1080p video clips given a text prompt.

Google’s image-generating AI gets an upgrade

At Google I/O, Google announced upgrades to Gemini 1.5 Pro, including a bigger context window. .

Google’s generative AI can now analyze hours of video

The AI upgrade will make finding the right content more intuitive and less of a manual search process.

Google Photos introduces an AI search feature, Ask Photos

Apple released new data about anti-fraud measures related to its operation of the iOS App Store on Tuesday morning, trumpeting a claim that it stopped over $7 billion in “potentially…

Apple touts stopping $1.8B in App Store fraud last year in latest pitch to developers

Online travel agency Expedia is testing an AI assistant that bolsters features like search, itinerary building, trip planning, and real-time travel updates.

Expedia starts testing AI-powered features for search and travel planning

Welcome to TechCrunch Fintech! This week, we look at the drama around TabaPay deciding to not buy Synapse’s assets, as well as stocks dropping for a couple of fintechs, Monzo raising…

Inside TabaPay’s drama-filled decision to abandon its plans to buy Synapse’s assets

The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned. The…

Threat actor scraped Dell support tickets, including customer phone numbers

If you write the words “cis” or “cisgender” on X, you might be served this full-screen message: “This post contains language that may be considered a slur by X and…

On Elon’s whim, X now treats ‘cisgender’ as a slur