Hacktivists claimed to have breached the network of the Belarusian intelligence agency and allegedly leaked its data in response to the intelligence chief’s recent public remarks accusing the group of plotting attacks on the country’s critical infrastructure, including a nuclear power plant.
The hacktivist group known as the Belarusian Cyber-Partisans purportedly accessed personnel files of over 8,600 employees of the Belarusian Committee for State Security, also known as the Belarus KGB.
To substantiate their claim, the Belarusian Cyber-Partisans published a list of the website’s administrators, alongside its database and server logs, on their Telegram channel.
Yuliana Shemetovets, the group’s spokesperson based in New York, asserted that the attack on the KGB network was prompted by the agency chief Ivan Tertel’s recent public accusation against the group. Tertel accused the Cyber-Partisans of plotting attacks on a nuclear power plant.
“We do not. We never have. Because we are working to save the lives of Belarusians, not to destroy them unlike the Lukashenko regime,” the Cyber-Partisans said.
More Details on the Belarusian Intelligence Agency Hack
Shemetovets told the Associated Press the group had gained access to the KGB network “several years ago” and had been attempting to breach its website and database ever since.
In a Sunday Telegram post, the hacktivists shared more details from the Belarusian intelligence agency hack, publishing excerpts from the 40,000 contact forms filled out by informants and whistle-blowers on the Belarus KGB website over the last nine years.
The published informant data came from several countries, including Poland, Germany, Azerbaijan, Lithuania and Ukraine, the hacktivists said. In one such instance, a Ukrainian citizen said he had “information about the concept and some technical details of a fundamentally new rifle complex … and the possibility of using a similar system as a modernization of tanks of the T-64, T-72, T-80, T-90 family.”
With the help of the data exfiltrated from the Belarusian intelligence agency hack, the Cyber-Partisans launched a Telegram chat bot called “facement_bot” that allows identification of KGB operatives. “Send a good quality photo with single face to the bot, and if there is a KGB officer in the image, the bot will return information on them,” the Cyber-Partisans said.
Shemetovets emphasized that the group’s objective is to unveil the truth about political repressions and hold those responsible accountable.
While authorities have not issued any official statements regarding the hacktivist claims, the website of the Belarusian KGB said “THE SITE IS UNDER CONSTRUCTION.”
The Cyber-Partisans last week claimed infiltration of computers at Belarus’ largest fertilizer plant, Grodno Azot, as part of efforts to pressure the government into releasing political prisoners. The state-run plant has not commented on the claim, but its website has been inaccessible since April 17.
The Cyber-Partisans claimed to have deliberately disrupted only the boiler unit of the plant, as there were backup sources for power generation.
“We had a good understanding of the internal processes of the plant and knew that this would not lead to dangerous consequences for people. But at the same time, we demonstrated our capabilities that we could really manage [with] the operation on Grodno Azot,” the Cyber-Partisans said.
Cyber-Partisans have previously also targeted Belarusian state media and, in 2022, launched attacks on Belarusian Railways, disrupting transit routes for Russian military equipment destined for Ukraine.
Belarus has been a close ally of the Kremlin and has supported its eastern neighbour in the Russian invasion of Ukraine. Before the start of the offensive, Belarus allowed the Russian Armed Forces to perform weeks-long military drills on its territory. It also allowed Russian missile launchers to be stationed in its territory, which drew a lot of flak from its own people and Ukraine’s allies.
“We’re sending a clear message to the Belarusian authorities,” Shemetovets said. “If they continue political repressions, the consequences will escalate. We will persist with our attacks to undermine the Lukashenko regime.”