News

CH01 Hackers Defaced Russian Websites

On the anniversary of Russia’s full-scale invasion of Ukraine, hackers defaced Russian websites and posted a video of the burning Kremlin amid the music of the Kino band.

As information security specialists told us, Hacker groups split up: some of them support Russia, others Ukraine, and we also wrote that Due of the sanctions, Russian hackers are looking for new ways to launder money.

On February 24, the CH01 hacker group attacked several Russian websites. Cybercriminals have replaced website content with videos.

The video also contains a QR code with a link to the Telegram channel, where the hackers wrote that they claimed responsibility for the attacks and made it clear that they were politically motivated.

The hackers also created a Twitter account and posted the same video.


group tweet

Apparently, CH01 is a brand new hacker group as their Telegram channel was only created on February 23rd and they posted their first tweet on the same day.

At the moment, a list of 32 hacked sites is available, but their exact number is unknown, as well as how the hackers hacked the sites. In the case of mass defacements, cybercriminals usually find vulnerabilities in a library or service used by websites.

Among the attacked sites are:

  1. Bakery;
  2. Supplier of products for agriculture;
  3. Cafe in Saransk;
  4. Recording studio;
  5. Developer of an electronic menu for restaurants;
  6. Manufacturer of components for mechanical engineering and agriculture;
  7. brick factory.


An example of a deface one of the sites

Dozens of Russian sites now look like this, we now have all the data from these sites.
the hackers wrote in their Telegram channel.

Only 2 of all hacked sites were restored 12 hours after the defacement. The choice of a song called “Song Without Words” is not accidental. The texts of the Kino group often included themes of freedom, although they were not overtly political.

On February 23, the Ukraine Computer Emergency Response Team (CERT-UA) reported that Russian hackers had broken into several Ukrainian websites using backdoors planted as early as December 2021.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove News-xdetake.cc pop-up ads (Virus Removal Guide)

News-xdetake.cc is a domain that tries to force you into clik to its browser notifications…

46 mins ago

Remove News-bbufiya.today pop-up ads (Virus Removal Guide)

News-bbufiya.today is a domain that tries to force you into subscribing to its browser notifications…

47 mins ago

Remove News-xyixice.store pop-up ads (Virus Removal Guide)

News-xyixice.store is a site that tries to force you into clik to its browser notifications…

49 mins ago

Remove News-xlepege.today pop-up ads (Virus Removal Guide)

News-xlepege.today is a site that tries to force you into subscribing to its browser notifications…

50 mins ago

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

2 days ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

2 days ago