Hacktivist Response to Navalny’s Death in Russian Prison
Shortly after the death of opposition leader Alexey Navalny in a Russian prison in February, a group of anti-Kremlin hackers sought retribution. Exploiting their access to a computer network linked to Russia’s prison system, they defaced a prison contractor’s website with Navalny’s photo and a message hailing him. Additionally, they allegedly accessed a database containing information on hundreds of thousands of Russian prisoners and their contacts, including those in the Arctic penal colony where Navalny died.
The hackers, claiming to be of various nationalities including Russian expatriates and Ukrainians, have shared this data in hopes of shedding light on Navalny’s fate. Furthermore, they manipulated prices on the prison system’s online commissary, reducing them to one ruble (approximately $0.01), as evidenced by screenshots and videos they posted. Typically, these items cost over $1.
According to the hacker involved, it took several hours for the administrator of the online prison shop to notice that Russians were purchasing food for pennies. Additionally, it reportedly took three days for the IT staff at the prison shop to fully address the discounted prices provided by the hackers. The hacker, confirming their involvement in the hack during an online chat, described how the access logs to the online store showed a rapid increase in purchases.
Russian Prison System Breach Triggers Official Response
The hackers claim that the breached database contains information on approximately 800,000 prisoners and their contacts. While a review identified some duplicate entries, the database still holds data on hundreds of thousands of individuals. Multiple prisoner names in screenshots shared by the hackers were matched with individuals currently in Russian prison, according to public records.
The online prison shop in question, seemingly compromised by the hackers, is owned by the Russian state and officially known as JSC Kaluzhskoe, as per Russian business records. JSC Kaluzhskoe operates in 34 regions throughout Russia.
JSC Kaluzhskoe, Russia’s Federal Penitentiary Service (FSIN), and the individual website administrators mentioned by the hackers have been approached for comment by various sources.
On February 19, the day after the hackers defaced the website and replaced it with Navalny’s photo, JSC Kaluzhskoe acknowledged on Russian social media platform VK that it had experienced a “technical failure” resulting in incorrect pricing for food and basic necessities.
Expert Confirmation & Hacker Retaliation in Prison Breach
Cybersecurity expert Tom Hegel, who has expertise in analyzing data dumps, stated that the leaked data appeared to be authentic and originated from the compromised prison shop.
Hegel, principal threat researcher at US cybersecurity firm SentinelOne, remarked that the hackers “clearly had full blown access to get it all.” He noted the thoroughness of the images captured and the data provided.
The hacking group reportedly sent warnings to administrators of the online prison shop, advising them against removing the pro-Navalny messages from the website. When the administrators refused to adhere to the demands, the hackers purportedly retaliated by sabotaging one of the administrators’ computer servers, according to the hacker’s assertion.
Alexey Navalny, known for his outspoken criticism of Russian government corruption, died under mysterious circumstances on February 16 at a prison in the Yamalo-Nenets region, located 1,200 miles northeast of Moscow. The US government has held Russian President Vladimir Putin responsible for Navalny’s death, a stance reiterated by US President Joe Biden.
Since Russia’s full-scale invasion of Ukraine, politically motivated hacking, or “hacktivism,” has surged. Following the invasion, a Ukrainian individual retaliated by leaking internal data from a Russian ransomware gang, purportedly revealing the group’s ties to Russian intelligence.
Various pro-Ukraine hacker groups have also joined the fray, claiming responsibility for attacks on Russian internet providers and websites streaming high-profile speeches by Putin last year.
According to Hegel, a researcher at SentinelOne, the war in Ukraine has ushered in a new era of hacktivism, unprecedented in scale. Hacktivism has become a potent tool for diverse groups to express their views, support their nations, target perceived adversaries, and influence the course of the conflict.
