
Hacking is an often misrepresented and misunderstood activity. Whenever you see hackers in the media (because I bet you don’t meet a lot of them in real life) they’re smashing a mechanical keyboard (the one that clicks loud) with a waterfall of green runes flying across their screen, saying “I’m in” moments later. You can be one of these hackers too!

But in reality, hackers must do a lot more work to get anywhere. Some hackers, like the one we’re talking about today, use their powers for good, like tapping into Russian Secret Service wallets and burning their funds or transferring them to Ukraine aid.

Crypto can not only be used for buying things but for waging warfare against a terrorist state, as it turns out


According to an April 26th report by American blockchain analysis firm Chainalysis, an unknown vigilante used his skills to crack open almost 1000 Bitcoin wallets related to three Russian agencies, either making the funds disappear or transferring them for Ukrainian aid.

These agencies are the Foreign Military Intelligence Agency (GRU), Foreign Intelligence Service (SVR), and Federal Security Service (FSB). They have been found responsible for various hacking and disinformation campaigns in the past, such as the SolarWinds hack, targeting US federal government data.

An unknown hacker accessed almost 1000 Bitcoin wallets belonging to Russian agencies and just deleted their funds or transferred them to Ukraine


People greatly appreciated his actions, especially when some of the wallets in the hack were actually related to other digital assaults and disinformation campaigns


The anonymous vigilante used a feature of Bitcoin to destroy over $300k of Russian agency funds

Now as for how the unknown hacker did it, I won’t go into too much detail, but they essentially used a feature of Bitcoin, the OP_RETURN field, which can be used to write a message – which is then immortalized in the blockchain – along with a transaction, making any funds attached to a transaction disappear forever. You would only use this feature to send messages with tiny amounts of Bitcoin, but the hacker effectively destroyed over $300k worth of Bitcoin.

In the OP_RETURN messages, the hacker mentioned which special agency the funds were going from and to, simply adding “Used for hacking!” to the end.
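For readers who want to see what that looks like on-chain, here is an added example (not from the Chainalysis report or the original article) of how an analyst could recognise OP_RETURN outputs in a transaction, read the embedded message and total the value burned. An output script that starts with OP_RETURN can never be spent, which is why coins attached to it are gone for good. The function names and the sample outputs, including the message text, are constructed for illustration.

```python
OP_RETURN = 0x6A
PUSHDATA_WIDTH = {0x4C: 1, 0x4D: 2, 0x4E: 4}  # OP_PUSHDATA1 / 2 / 4


def op_return_payloads(script: bytes):
    """Return the data pushes of an OP_RETURN script, or None for any other script."""
    if not script or script[0] != OP_RETURN:
        return None
    payloads, i = [], 1
    while i < len(script):
        op = script[i]
        i += 1
        if 0x01 <= op <= 0x4B:           # opcode itself is the push length
            size = op
        elif op in PUSHDATA_WIDTH:       # length follows, little-endian
            width = PUSHDATA_WIDTH[op]
            if i + width > len(script):
                raise ValueError("truncated push length")
            size = int.from_bytes(script[i:i + width], "little")
            i += width
        else:
            break                        # not a data push, nothing more to read
        if i + size > len(script):
            raise ValueError("truncated push data")
        payloads.append(script[i:i + size])
        i += size
    return payloads


def summarize_burns(outputs):
    """outputs: (value_in_satoshis, script) pairs. Returns (burned_sats, messages)."""
    burned, messages = 0, []
    for value, script in outputs:
        payloads = op_return_payloads(script)
        if payloads is None:
            continue                     # ordinary, spendable output
        burned += value
        messages.append(b"".join(payloads).decode("utf-8", errors="replace"))
    return burned, messages


# Constructed sample data (not real transactions or real message text).
MSG = b"EXAMPLE: agency A to agency B. Used for hacking!"
SAMPLE_OUTPUTS = [
    (150_000, bytes([OP_RETURN, len(MSG)]) + MSG),        # direct push
    (20_000, bytes([OP_RETURN, 0x4C, len(MSG)]) + MSG),   # OP_PUSHDATA1
    (90_000, bytes.fromhex("76a914" + "00" * 20 + "88ac")),  # P2PKH, spendable
]
```

Calling `summarize_burns(SAMPLE_OUTPUTS)` counts only the two OP_RETURN outputs as burned and skips the ordinary pay-to-address output.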



Although we can’t be 100% sure if the hacker’s allegations are legitimate, such a huge amount of money destroyed could corroborate the story

We cannot be sure if the hacker’s allegations are true. CoinDesk, a news website covering Bitcoin and other digital currencies, says that it reached out to those three Russian agencies (GRU, SVR, and FSB) for comment, but they did not reply (what a shock, I know!).

But considering the fact that the person destroyed hundreds of thousands of dollars just to send a message and that some of the wallets have actually been linked to Russian agencies in the past, it does lend some credence to the allegations.



Most of the actions were done before the invasion of Ukraine, but when that happened, the hacker started funneling the funds towards war aid

For this article, Bored Panda was contacted by a reader, who put us in touch with Chris Were, current CEO of Verida and software company Mozzler. Chris has extensive experience in software development, with more than 20 years under his belt.

When asked for thoughts about the situation at hand, Chris mentions that he has heard of stories where government secret service agencies used crypto to secretly fund operations, and while he isn’t in a position to judge the legitimacy of it, he thinks the story isn’t too far-fetched.

“The fact the wallet owner effectively burnt over $300k of funds and then, post the Ukraine invasion, started to fund the war effort gives the most credibility to the story. I’m normally fairly skeptical of ‘hacking’ news stories because there is often a lot of FUD, however the blockchain doesn’t lie and provides some pretty clear motivation.”



According to Chris, this kind of (semi)ethical hacking, known as white or gray hat hacking, is becoming more popular. He also suggests that we need a new term for this politically motivated hacking, such as “political” or “moral” hacking, as anonymous is a catch-all term for many hacks.

“We live in a society that has increasingly opposing views, while at the same time, is increasingly digital,” Chris says. He continues, saying that he isn’t one to condone actions that are illegal, but that, when politically motivated, they can be an effective strategy of a victimless crime, for the most part.

It gets less white and more gray when the hacking is supported and funded by the government, rather than individuals. Since these hacks are anonymous and complex, it’s impossible to tell if it’s a collective or individual attack – whether it’s a state-sponsored attack or a person making a political statement.


There are things that people forget about when thinking about their online safety. In Chris’ opinion, one of the most overlooked parts of it is that email isn’t secure.

“I still encounter businesses asking for sensitive personal information to be sent to them via email. These might be copies of a driver’s license, passport, tax returns, and in some cases actual credit card details.”

It is essential to avoid sharing this kind of sensitive information via email, because, if accessed, it’s quite easy to steal someone’s identity and use it for malicious purposes.

Furthermore, people don’t understand the risk associated with SMS two-factor authentication. Chris says that SMS two-factor authentication should be avoided as it provides a false sense of security.

“A hacker may be able to purchase your phone number, full name, email and date of birth on the black market. Using that information, they can initiate a ‘sim-swap’ hack, where they can call your phone company and have your sim card canceled and the hacker sent a new one.”

From there, the hacker can send you a phishing email to capture your bank password and get a verification SMS to log in.


The hacker was burning money before the Russian invasion of Ukraine. After it began, the hacker started sending the money to be used for Ukrainian aid, rather than making it vanish into thin air.

It also has the added benefit of making it much more difficult to use these addresses for similar purposes as in the past, as well as pointing out the fact that Russian cybersecurity isn’t as tight as they may have the world believe.

Share your own thoughts about the story in the comments below! And don’t forget – glory to Ukraine, Slava Ukraini!