A hacker group defaces Russian websites by displaying a burning Kremlin on them. The hackers replaced the content on the sites with a video that shows the Kremlin on fire and music from a Russian rock band called Kino, along with a video. The video also contains a QR code that links to a Telegram channel, where the hackers posted a message claiming responsibility for the attacks and making clear that the defacements were politically motivated.
“Hacker group CH01, in solidarity with the entire civilized world, declares cyber war on dictatorship, totalitarianism, and the idiocy of Putin’s criminal regime to restore justice and reaffirm the triumph of the forces of light and goodness. We declare this on the anniversary of the terrorist invasion of dictatorial Russia into a strong and independent Ukrainian nation. An online translation of the original in Russian reads, “Let the prophecy come true,” according to a translated message.
On Thursday night, CH01 appeared to be a brand new hacking group since their Telegram channel only had a few subscribers, and they published their first tweet on the same day. A source shared a list of 32 hacked websites in Russia and Ukraine on Thursday night. There is no information on how many sites were defaced or how the hackers could do it. When it comes to mass defacements, hackers usually find a flaw in a library or service that all the websites they target use and exploit.
A bakery, a farm product distributor, a restaurant, a recording studio, a company that provides delivery services and technology to Russian restaurants, a company that manufactures mechanical engineering components, a brick maker, and a company that distributes agricultural products are among the hacked websites. In the twelve hours since it was alerted of the defacements, only two of these websites have been restored to their original state.
“A Song Without Words” is not just a coincidence. Although not outright political, Kino’s lyrics often included themes of freedom in the 1980s. It’s also been done since the war began in Ukraine, hacking websites to display propaganda or make a political statement. Several defacing operations have been carried out against Russian websites by alleged hacktivist groups in the past year. Last year, the Ukraine IT Army was among the most active hacktivist groups. This group, which consists of pro-Ukrainian technologists and hackers, has scored some significant victories, such as shutting down Russia’s most extensive streaming service for three days in January.
According to reports, even the Russian government has gotten involved in the game. A statement issued by Secretary of State Antony Blinken in May of last year named the Russian government as the perpetrator of a series of malicious cyber activities against Ukraine, which included defacing the Ukrainian government’s website.