home » Plants » Farewell to "Humpty". What We Learned from Anonymous International

Farewell to "Humpty". What We Learned from Anonymous International

Peter Pan

Photo: EAST NEWS

Change text size: A A

The FSB collegium was going to a routine meeting. It was a dark December day, fading into twilight. Head of the second operational department of the CIB (Center information security) FSB Sergei Mikhailov went to his place at the long table. The officer was, as always, collected, focused, in his hands - a folder for papers made of hard leather. What happened next happened so quickly that even the eyewitnesses did not realize what was happening. Some people appeared, according to their tacks and appearance - their own, the security forces, and in a moment Mikhailov was already taken out of the meeting room with a bag on his head. This is how the Tsargrad TV channel described the arrest of a high-ranking law enforcement officer (it is difficult to vouch for the details). Then, in December, the public did not know anything. But now Mikhailov and his deputy Dmitry Dokuchaev are accused of collaborating with foreign intelligence services.

Each of the defendants was engaged in their own business - someone developed and applied cyber attack schemes, and someone collaborated with foreign intelligence services. These directions, as a rule, did not intersect, - Interfax quotes an anonymous security official.

So what really happened?

EFFICIENT OUTPUT

The arrest of Mikhailov and Dokuchaev is not connected with the case of the famous Anonymous International hacker group, Mikhailov's lawyer Ivan Pavlov said. However, both in the press and in private conversations of people who know something about this case, a different opinion can be traced. Although, of course, not all the details are clear yet - after all, the scandal is unique.

And it all started on the night when dreams come true. On December 31, 2013, the country was preparing for the holiday. Here is the President's address. The chimes will strike. A champagne cork will hit the ceiling.

But the thoughts of the people who called themselves "Anonymous International" were far from champagne. This day should be the birthday of their organization. And they had to declare themselves spectacularly and loudly.

Account "Anonymous International" in one of the social networks.

Happened. Hackers leaked the President's congratulations to the country even before it was shown even in the Far East. Moreover, in a draft version, which did not reach the screens. The Kremlin explained the incident as a technical flaw. As they say, no one was hurt, there was nothing "such" in the speech. But for whom it was necessary it was a bell. Because hackers have managed to break into super-secure channels. How they did it, no one understood.

AMERICANNO WITHOUT SUGAR PLEASE

The hotel in the center of Moscow is clearly preparing to receive difficult guests. A trained eye picks out security officials in civilian clothes, mixed with the crowd.

The sharp eyes of the surveillance officer focused on the visitors of the summer cafe near the hotel. Like nothing special. One of them opened his laptop and asked the waitress if she had a charger.

No? Well, nothing, I have 80% charge, enough, - the man smiled and licked his dry lips with a quick, sharp tongue, the waitress shrugged her shoulders, she did not like the man, some kind of slippery - but she immediately forgot about him.

And the unknown person launched an unusual program, and ended up in ... the depths of the phone of a high-ranking official. Who came to the hotel to meet with foreign investors. The man did not see the official, but - as if he saw. The official sits at the presidium table. He's bored. He takes out his phone and sees the Wi-Fi network. Connects to her. And he does not know that this net was thrown to him by a stranger with dry lips sitting in a cafe. And while the official is looking for which restaurant to dine in today, a visitor to the cafe downloads the contents of his mail. Which hangs on the gov domain. That is, on the state, service domain.

Yes, brother, and you connected the secret mail to a regular phone, as you all predict, - the man in the cafe smiles.

In ten minutes he knows everything about the official. The wife goes to an expensive doctor in Germany. The mistress whines that they have not met for a long time. Son caught smoking weed... Oh, that's interesting! And the cafe visitor freezes at the monitor.

THEM WILL BRING EVERYTHING

It is believed that the failed journalist Vladimir Anikeev acted in this way. They say that it was he who invented the "Internationale". Anikeev was arrested in autumn. If he really personally planted a false mobile network or false Wi-Fi on the victims, then he did it only at the start of his career. As soon as its scale grew, he moved to Ukraine. With great difficulty, the security forces managed to lure him to St. Petersburg. Allegedly to receive another, especially large, fee. They took him there. In complete silence.

They say that such work of hackers is not the most typical. But from the moment when Anonymous International became widely known, and Roskomnadzor banned the site called Shaltai-Boltai (which did little to stop those who wanted to visit it), supposedly Anikeev and his friends were incriminated by ... the officials themselves. To your colleagues.

Officials are like spiders in a jar. Passed a job. Wasted money without you. And the offended official begins to think how to punish competitors. They say that only a quarter of the data hackers have is a real hack. The rest is offerings.

BOTH THE CUSTOMER AND THE VICTIM PAY

The liberals immediately wrote down Humpty Dumpty as their ideological allies. Although they had no idea who it was. In the cafe on the Patriarch's Street, shabby men and brightly made-up women with the shrill voices of wounded seagulls began to talk about "the struggle of the Kremlin towers", about the "Robin Hood" that wound up at the "very top".

Who is our Snowden? - a publicist well-known in narrow circles spat his lips, pouring wine into a glass poorly washed by a waitress.

I would give him! - shouted, as if the truth had already given, a feminist with a short haircut.

Piqué vests were convinced, behold the Messiah is coming. But was it really so?

Somehow a friend calls me and says that my name appears on the site "Humpty Dumpty", - my interlocutor tells his story, looking down. - My head swam with fear, I climbed the link and really stumbled upon myself. My friend's email was hacked. They posted, as is their custom, some letters, and general description what's in the mail. The goal is to get the customer's attention.

- That is, everything hacked was put up for sale?

- Who is the buyer?

They first offered to buy everything to the victim.

- Buy the contents of your own mail?

Buy the right of non-disclosure of information. If the victim refused (my friend refused), the lot was put up for purchase by anyone. To the auction. Sold for cryptocurrency - bitcoins. As it turned out now, the sellers were in the Baltics. In Russia, bitcoins are kind of banned. But on the Internet, you can turn, for example, bitcoins into rubles. And withdraw them from your bank card. And all these prohibitions - zilch.

The story of my interlocutor is the usual “Robin Hoods” for business. As he says, his friend was fired from a serious post in one department. He began to take revenge - to threaten with revelations. The department got worried and decided to shut him up. Set Anonymous International on him. The humor is that if the "International" really adhered to a certain ideology, he would see his ally in the offended civil servant. But he calmly took the money and began to poison the one who was ordered.

It caught my eye that they worked carelessly, - says my interlocutor. - The mail was hacked. But my name was mixed up in the correspondence. The position was changed. It can be seen that they just googled it, because I changed jobs three years ago, and they called the old one. They just took money from the customer and now they wanted to milk the victim as well. My friend didn't buy anything. And no one bought the correspondence at the auction.

In fact, with the exception of high-profile lots, it often happened. True, the press persistently writes that one of the government officials paid the Internationale a whopping $10 million. Bought the secret. What he was hiding, and whether it is true at all, is still unknown.

CIA AS A BUYER

They say that a high-ranking FSB officer, Sergei Mikhailov, was assigned to deal with Anikeev. They also say that Mikhailov, instead of exposing the hacker, began to cooperate with him and actually led the group. There is no confirmation of this. Mikhailov was in good standing, they write that after the arrest of Mikhailov, the department he heads has to be built from scratch. Again, they write from the words of anonymous sources.

Anonymous and all our commentators. My next meeting is with an employee of a closed research institute, whom the Western media accuse of hacking the correspondence of American politicians in the US elections. The topic of elections was quickly closed, "we don't do that," says a guy with a long mane of red hair.

- What do you know about Humpty?

A little more than the rest. Ours didn't get dirty. They say that none of the arrested did not inject. The case is up. And then they took Rusik (Ruslan Stoyanov, an employee of Kaspersky Lab" - ed.), and he passed them all.

- As I understand it, the humpty people earned stupid blackmail. Why are they sculpting treason?

There is a fine line here. Foreign intelligence services are handy, and they don’t know how to break the mail of our states. And the guys from Humpty are ready to break and sell to those who pay. Foreigners pay. And this, you see, is treason. The fact that the Humpty people were sitting in Ukraine and in the Baltic states is not out of love for the ideals of the Maidan, it’s just that Ukrainians pick up all our trash, and ours don’t always reach Kiev.

SOLDAFONES WHAT YOU SPY

The fate of Humpty Dumpty is an ancient story about blackmailers and their victims, only wrapped in a modern wrapper. But this story also teaches that in our time not understanding how the Internet works is as stupid as not knowing that microbes are transmitted through the air. They told about one minister, a smart person, that, as soon as he got into office, he began to climb social networks from his work computer. He flew into a rage when the Ministry's security officers knocked on his door. Like, it's not allowed.

Soldiers! - eyewitnesses convey the hysteria of the official. - What are you spying on! It's up to me to decide what's right and what's not!

But it was precisely this holy negligence that led Humpty to learn so much.

Finally, this is a signal to our officials. Think thrice when you're about to steal. Your most camouflaged moves are like a book wide open to the experts.

SENSATIONS FROM THE INTERNET ROBIN HOODES

(the most notorious hacks of Humpty Dumpty)

- Hacking Medvedev's Twitter

On August 14, 2014, hackers controlled the Prime Minister's account for almost an hour. During this time, they managed to make a number of "political statements" on his behalf. Experts say the hackers did this to advertise their capabilities.

- Photo Potupchik with money

In the winter of 2014, hackers posted a photo of a person who looked like public figure Kristina Potupchik online. The woman was sitting with a bag full of "patties" with 5 thousandth bills. It was alleged that she received budget money “roughly” for certain purposes, and the photo was taken by those who gave the money for reporting purposes.

- Hacking Gabrelyanov's mail

It was conceived as an action of colossal power, but the public only found out that the famous media mogul was swearing and was in correspondence with the powers that be - and this was already understandable.

- Surkov Post

The hacking of Vladislav Surkov's mail in the fall of 2016 remained an unconfirmed action, the victims deny that the documents are genuine. However, the media write that it was the attack on Surkov that was the last straw, after which the authorities decided to “blame” Humpty.

HOW THE HATTER BURNED

The leader and ideologist of the "Anonymous International" is called the journalist Vladimir Anikeev by the media. He was born in Makhachkala, started working in St. Petersburg, since 2000 he has been searching for and selling compromising evidence on officials. When the activity became too dangerous, he moved to Ukraine, his accomplices were in the Baltic States and Thailand. And he came to Russia for money, and he stayed in St. Petersburg Angleterre, the very hotel where Yesenin committed suicide.

The media write that now he willingly testifies.

Yesterday, the Lefortovo Court of Moscow arrested two more employees of Shaltai-Boltai - Konstantin Teplyakov and Alexander Filinov.

But how it was possible to tie Anikeev himself - a separate detective. He pierced on ... a hat. Anikeev was terribly secretive. In 2015, he gave an interview to the Meduza portal, forbidding himself to be photographed. But the journalist insisted: who would believe that there was an interview at all? Then Anikeev offered to take a picture of his separately lying hat. The stupidity of the hacker is that he posted his photos in the same hat on VKontakte. Could two Russians in Bangkok have the same hat, thought the siloviki, who combed through the pages of Russians who lived in Thailand. So he was calculated. The irony is also in the fact that the Hatter character is from the story "Alice in Wonderland", from where the hackers took pseudonyms for themselves (Anikeev himself was Lewis Carroll, that is, the author of this entire "work").

Most of the members of the hacker group are wanted.

On Saturday, January 28, Rosbalt reported that FSB officers in St. Petersburg had detained the creator of the Shaltai-Boltai website, Vladimir Anikeev, better known in certain circles as Lewis. As it became known to the agency, the special operation was the result of a long work, during which the man was lured out of the territory of Ukraine.

Anikeev was taken to Moscow, where the FSB Investigation Department charged him under Article 272 of the Criminal Code of the Russian Federation (Illegal access to computer information).

The pinnacle of Lewis's "career" was the publication of correspondence allegedly belonging to Vladislav Surkov. In October 2016, a group of Ukrainian hackers who call themselves “Cyber Junta” took responsibility for it. But over the years of "creativity" in the "plums" of "Humpty Dumpty" other familiar surnames flashed every now and then. Rosbalt recalls the most resonant publications.

Putin's New Year's address

A few hours before the start of 2013, the Anonymous International organization published a New Year's address by Russian President Vladimir Putin. Then, for the first time in history, the head of state wrote down two congratulations - this was due to the terrorist attacks in Volgograd. At the disposal of the hackers was the text of a version that was not recorded near the walls of the Kremlin, but read from Far East where the President came to help the victims of the natural disaster.

"Temniks" for federal channels

About a mysterious group that publishes various secret documents, they started talking in 2014. Then the journalists received a number of letters, including the scenario of a rally in support of the Crimea, the data of closed opinion polls on the issue of the annexation of the peninsula to Russia, and reports on the activities of the Young Guard of United Russia.

On March 31, the blog of Anonymous International published a link to documents in which, as stated, “the administration of the President of the Russian Federation prescribed accents for covering certain topics.” Allegedly, the heads of federal channels were given instructions on how to show certain events. For example, in a story about a meeting with Prime Minister Dmitry Medvedev, it should have been explained that “during the 23 years of being part of independent Ukraine, Crimea, due to the fault of the Kiev authorities, has mainly degraded”, and “the goal of the Russian authorities now is to ensure the formation of a new life on the peninsula , to bring Crimea to the all-Russian standards in the quality of life”.

That was just the beginning. Later, Shaltai Dumpty published huge amounts of correspondence, allegedly belonging to the leaders of some media.

Exposing the Kremlin chef

On May 23, 2014, Anonymous International posted a photo with the caption "A Small Announcement for Monday" and a quote from Victor Pelevin's Empire V novel. among the main food suppliers for the Administrative Office of the President of Russia. He is also credited with curating the so-called "Troll Factory" in St. Petersburg, whose employees are engaged in posting comments on political topics on the Internet.

Three days later, the correspondence of alleged employees of the Internet Research Agency was published, containing various documents, reports, notes, estimates of the so-called "trolls". And then another batch. The letters contained, among other things, a mention of a certain confidential certificate, which must be handed over to Volodin and EV.

According to Anonymous International, the "troll factory" was engaged not only in commenting and promoting news on the Web. Allegedly, employees of the Internet Research Agency introduced their agents into a number of media outlets. So, Andrei M. described the work of one of the state news agencies: “Opposition actions are reflected with skepticism. We try to write about power in a positive way, but without aspiration, so as not to create rejection among readers.”

Another publication is connected with the Kremlin cuisine. The hackers allegedly had at their disposal the correspondence of employees of a catering company, which tells about what happened at dinners arranged for the highest officials of the state. One of the reports is titled as follows: “February 15, 2013, Moscow, restaurant of the Russian Geographical Society The birthday of Ivanov S. B. with the participation of Putin V.V.” According to the document, the menu that day included marinated Vasileostrovskaya smelt and black caviar with pancakes, as well as Somali ostrich meat, crocodile, goat meat, gray shark, piranha. “Hot meals were served on stones with the meat of exotic animals and fish. Putin V.V. ate grilled beef for a hot meal,” the report says.

More than a year has passed between the series of the above publications, during which time Roskomnadzor blocked access to the blog of the anonymous Shaltai-Boltai group.

"Departure" of Medvedev to resign

On August 14, 2014, it became known about the hacking of the Twitter account of the Prime Minister of the Russian Federation Dmitry Medvedev. Within a few minutes, the following entries appeared in his account: “I have long wanted to say. Vova! You're wrong", "I'll become a freelance photographer anyway!", "I'm retiring. Shame on the actions of the government. Sorry".

The fact of hacking was later confirmed by the prime minister's press service, noting that "the latest messages posted on the microblog do not correspond to reality."

On the same day, representatives of Anonymous International for hacking Medvedev's account.

Correspondence of Timur Prokopenko

In December, the hackers claimed that they had allegedly obtained personal letters and SMS correspondence from the deputy head of the internal policy department of the presidential administration.

SMS-correspondence contains links to various news of a political nature, discussion of recent events - special attention is paid to Ukraine. There is, for example, the following message: “Youth organizations will lay candles and flowers at the Embassy of Ukraine (Address: Moscow, Leontievsky per., 18) in memory of those who died at the hands of Bendera in Odessa. The number of participants in the action is 100 people. Time is 20:00. Zhen, write to the channels to everyone, as information about this action for their decision and call, write to me who will definitely be possible, but do not drive.

It was also reported about the cooperation of the Kremlin with the deputies of the State Duma.

In addition, it followed from the letters that the presidential administration was engaged in a campaign against Alexei Navalny.

Hacking Kiselev and Gabrelyanov

2016 brought bad news for two Russian media managers at once. At the end of April, Anonymous International announced the hacking of mailboxes and the Whatsapp messenger belonging to the famous TV presenter Dmitry Kiselev.

“The main part of the correspondence is occupied by letters related to professional activity Kiseleva - TV project "Russia Today" and everything related to it, also provides information on finances and assets, both personal and related to TV projects of the All-Russian State Television and Radio Broadcasting Company. Present in in large numbers and other very interesting information,” the hackers said in the message.

Part of the correspondence was put up for sale, part was in the public domain. From the published screenshots, it follows that "Dmitry" corresponded with a man named Vladimir Kuznetsov, known as the prankster Vovan.

The archive also contains a letter from Vladimir Medinskiy, in which he asks to find a job for his friend in the Rossiya Segodnya news agency headed by Kiselev. In addition, the data array contains personal photographs of Kiselyov, for example, from a ““tourist trip” with his wife to Syria.”

A group of hackers put the correspondence up for auction with a starting price of 33 bitcoins, that is, just under $15,000. Whether anyone bought the archive is unknown.

At the end of June 2016, Anonymous International attacked the head of the media holding News Media Aram Gabrelyanov. The hackers put up a complete archive with photos and videos for auction, some of which were published on their blog.

According to the hackers, the archive contains information about the working kitchen of LifeNews, the channel's accounting department, as well as "letters of indignation from journalists fired from the editorial office." So, in the array there is a letter from a certain Leysan S., who sends a report with information about employees to the addressee signed by Aram Gabrelyanov. Among them, as the author notes, there are those "from whom you can expect not very good news in relation to the team."

Among the letters there is a price tag that famous writers and political scientists are allegedly ready to ask for their speeches. As well as screenshots of SMS-correspondence, which contains, among other things, promises to delete unwanted information.

Ilya Davlyatchin

Vladimir Anikeev, alleged leader of Shaltai-Boltai. Photo from personal page VKontakte

How quickly things have changed! Until recently, the abbreviation "OPG" terrified entire cities. Remember? Orekhovskaya, Solntsevskaya, Tambovskaya ... Racketeering, extortion, bloody showdowns, then it was enough to turn on the TV in the morning to look at the victims of killers and the consequences of criminal showdowns.

Today it is already difficult to imagine such pictures, all this remained in the 90s. But crime has not disappeared. Everything just moved from the streets to the offices of officials. And modern bandits prefer computers to firearms.

Later they will write in history textbooks that the history of organized crime groups of the 21st century began with the detention of the Humpty Dumpty group! For several years they terrorized the country's leaders and top managers of large companies, extorting millions of dollars from them. And no one understood what to do with them, because any person who has a smartphone can be a victim of new bandits. I am sure that soon someone will make a movie about Humpty. While I collected a brief history in case you don't understand what I'm talking about...

WHERE IT ALL STARTED?

In December, Sergei Mikhailov (deputy head of the FSB Information Security Center), Dmitry Dokuchaev (a former hacker and then an employee of the FSB Information Security Center) and Ruslan Stoyanov (head of the Computer Incident Investigation Department at Kaspersky Lab) were detained in a treason case.

SO WHAT?

It turned out that Mikhailov oversaw the activities of the Shaltai-Boltai hacker group, and Dokuchaev was the direct perpetrator of the hacks and leaks! What Stoyanov is suspected of is not yet very clear, but he is a secondary person in this story.

WHAT IS HUMPTY DUMMY?

You've probably heard of Humpty Dumpty, even if you don't remember it. This is a hacker group that is actually called Anonymous International. And “Humpty Dumpty” is such a “press service”, on behalf of which all plums were published. Therefore, between these two names, everyone puts an equal sign.

Shaltai Dumpty was engaged in hacking the mobile devices of officials and businessmen, and then leaking archives of their correspondence to the network. At first he did it for free, but then the members of the group decided not to miss the opportunity to earn money. They contacted the owner of the correspondence and offered him to buy it. If he refused, then the correspondence was put up on the information exchange, where anyone could buy it for bitcoins. Only on the stock exchange "Humpty Dumpty" earned more than two million dollars.

Here are briefly their loudest plums:

December 2013 Draining the text of Vladimir Putin's New Year's address. On New Year's Eve, Putin repeated it word for word.

March 2014 Leaking recommendations from the Presidential Administration on how to properly cover the topic of Crimea on federal channels.

August 2014 Hacking mail and twitter Dmitry Medvedev. "Humpty Dumpty" did it for fun: "we decided to just troll." Then the famous records appeared on Twitter: “I am retiring. Shame on the actions of the government. I'm sorry" and "I've been wanting to say this for a long time. Vova! You're wrong!".

December 2014 Publication of a photograph of Kristina Potupchik (former press secretary of the Nashi movement) with a bag full of money. In addition to this, her correspondence was published. From the correspondence, it was clear that Potupchik wrote reports to officials about which media outlets abuse the authorities too often.

December 2014 Draining the correspondence of Timur Prokopenko (deputy head of the Presidential Administration for domestic politics). From the correspondence, it became clear that Prokopenko was responsible for placing custom articles against Alexei Navalny. Anastasia Kashevarova (assistant to the general director of the News Media publishing house Aram Gabrelyanov) helped him in this.

April 2015 Hacking the email of Alexander Zharov (head of Roskomnadzor). In particular, Zharov corresponded with Mikhail Demin (former CEO of Ekho Moskvy). Zharov coordinated the materials and discussed the work of the radio station.

July 2015 Publication of screenshots of letters from Ksenia Bolshakova (former assistant to the head of the Department of Construction of the Ministry of Defense), in which she discussed the publication of jeans in Kommersant, Rossiyskaya Gazeta, Vedomosti and other newspapers.

September 2015 Publication of official documents and correspondence of officials of the self-proclaimed DPR. They contain information about corruption schemes, torture, kidnappings, murders and raider seizures.

April 2016 Drain of Dmitry Kiselyov's correspondence. From it it became known that Kiselev bought an apartment for 162 million rubles and a boat for 49 thousand dollars. Letters were also found in which Kiselev agreed on how to cover various events in television programs.

August 2016 Hacking the mail and correspondence of Aram Gabrelyanov. Many details from his personal and working life have become known. Gabrelyanov was offered to buy back his correspondence, but he refused. As a result, it was published in parts, to the delight of the many haters of the media manager. In general, the situation did not hit the image of Aram Ashotych much, as it could not be worse.

October 2016 Hacking the mail of presidential aide Vladislav Surkov. It contained the "Plan of Priority Measures to Destabilize the Situation in Ukraine "Shatun"" and a list of candidates for the government of the self-proclaimed DPR. (This leak was published on the website of the Ukrainian hacker group CyberHunta, but many still attribute it to Shaltai)

DID Humpty Dumpty Have A LOT OF HACKERS?

It is known that there were a little more than ten people in Shaltai Dumpty. This was stated in an anonymous interview with Meduza by the founder of Humpty Dumpty, nicknamed Lewis. Rosbalt published information about six of them.

Lewis (Vladimir Anikeev)- Former journalist and black PR specialist. For a long time was engaged in the fact that, by order, he obtained compromising evidence on businessmen and officials. After the creation of Shaltai Dumpty, he acquired professional equipment and began to hack smartphones and tablets of officials from the Presidential Administration. He sent the obtained information to other members of the group.

Dumpty- a major St. Petersburg PR man. He communicated with hacked officials, businessmen and security officials and offered them to buy correspondence before they were leaked to the network. Thus he decided what would be published and what not. It was he who received money for posting or not posting other people's correspondence.

Humpty- IT specialist from St. Petersburg, who moved to live in Estonia. He sorted out the content sent by Lewis and chose what he could get money for. At the direction of Boltai and Lewis, he posted leaked correspondence and documents on the Internet.

The Hatter and the March Hare- ordinary participants of "Humpty Dumpty", in the life of IT people. Performed technical work, led the bookkeeping of the resource, processed the content. Both moved to live in Thailand.

Alice- a girl from Ukraine, a friend of Lewis. She carried out various assignments and was engaged in field work, visiting the same cafes in which employees of the Presidential Administration gathered.

And judging by the information from anonymous sources, all these guys were supervised by an FSB officer, namely the deputy head of the FSB Information Security Center Sergey Mikhailov.

OKAY, HAVE ANYONE ELSE DETAINED?

Lewis (Vladimir Anikeev) was detained in November 2016 - a month before Mikhailov's arrest. According to Rosbalt, he actively cooperated with the investigation and mentioned Mikhailov more than once in his testimony. It is also known that at the same time as Lewis, Alexander Filinov and Konstantin Teplyakov were detained in the same case. It is not yet clear who they were in Shaltai Dumpty. Several more members of Shaltai-Boltai were put on the wanted list by the FSB.

THIS IS ALL?

Almost. A few days ago it became known that Mikhailov and Dokuchaev not only participated in the work of a hacker group, but also collaborated with the CIA! Interfax, citing its source, said that "the themes of hacker attacks and betrayal seem to overlap in the case, but do not intersect."

TOTAL:

FSB officers Sergey Mikhailov and Dmitry Dokuchaev and Kaspersky Lab employee Ruslan Stoyanov were charged under Article 275 of the Criminal Code of the Russian Federation “Treason”.

Shaltai-Boltai participants Vladimir Anikeev, Alexander Filinov and Konstantin Teplyakov were charged under Part 3 of Article 272 of the Criminal Code of the Russian Federation “Illegal access to computer information protected by law”.

Who was responsible for what in the hacker group that stole the correspondence of Russian officials and businessmen

Journalists became aware of all the main participants in the Shaltai Dumpty project, which became famous thanks to the publication in the public domain of stolen personal e-mail correspondence of such statesmen as Prime Minister (and ex-President) of the Russian Federation Dmitry Medvedev and Assistant to the President of the Russian Federation (former first Deputy Head of the Administration of the Head of State) Vladislav Surkov. Most of the members of the hacker group have been put on the wanted list, and one of the founders, Vladimir Anikeev (Lewis), is in custody in the Lefortovo pre-trial detention center in Moscow.

Leaders

Chatter. The pseudonym of a major St. Petersburg PR man. He worked with many high officials and businessmen. IN last years the sphere of his interests was transferred to Moscow. It was after meeting Boltai that Anikeev's activity in collecting compromising evidence on civil servants and entrepreneurs reached a new level. Boltai and Anikeev came up with the project "Humpty Dumpty" together. Dumpty determined the editorial policy - whose correspondence should be posted on the Internet. He also performed the peculiar functions of the Secretary of State: all communication with officials, business representatives and security officials was conducted through him. Based on the results of this communication, the editorial policy of the resource was determined. In addition, Boltai was involved in replenishing the project's budget, receiving money for posting or not posting other people's correspondence. The lion's share of the funds settled with him. Anikeev was next in terms of funds received.

Correspondence of high-ranking Russian officials was stolen on a grand scale by the Hatter, Alice and the March Hare

Vladimir Anikeev (Lewis). He worked as a journalist in the St. Petersburg media, then he took up "black" PR. Having connections in various departments, he "extracted" compromising evidence on officials and businessmen. After meeting Boltai, according to Rosbalt's interlocutors, he organized a series of break-ins of the "boxes" of civil servants of the Northern capital. This was done through phishing. After the release of the Shaltai Dumpty project to the federal level, he organized the theft of the contents of phones and tablets of officials using equipment that creates false cells and fake Wi-Fi. He was a member of the presidential administration. He spent most of his time in Ukraine, where his official wife lives, as well as in Thailand. In October 2016, he was detained by the FSB when he was heading from Ukraine to St. Petersburg.

Junior partner

Humpty. IT specialist from St. Petersburg. He worked as a system administrator on a number of resources controlled by Boltay. After the creation of the Humpty Dumpty project, he left for Estonia. Has the citizenship of this country. It was Humpty who received the entire amount of information downloaded using false cells and false WI-FI. He studied content and selected from it belonging to officials, heads of state corporations and other persons from whom money could be obtained. Reported the results to Dumpty and Lewis. He, at the direction of the latter, posted content on the resources of "Humpty Dumpty". From the total earnings of the project Humpty received 20-30%. Was a junior non-voting partner.

Vladimir Anikeev - founder of the hacker group

Ordinary participants

Alice. Citizen of Ukraine. In Russia, she changed several professions until she got a job as an instructor in the St. Petersburg fitness center, where Anikeev worked out. The young people became close, after which Alice began to carry out Lewis's instructions. An attractive girl sitting with a laptop in cafes and restaurants where employees of the presidential administration gather did not arouse suspicion. In fact, content from visitors' phones and tablets was downloaded to this laptop. Alisa was also engaged in "cashing out" bitcoins in Kyiv, earned by "Humpty Dumpty" on the sale of someone else's correspondence.

The Hatter and the March Hare. IT specialists who worked in the Russian regions. Later they moved to Moscow, where they worked as system administrators on various resources. During one of the parties, we met Anikeev. They began to carry out his one-time orders. After the creation of the Humpty Dumpty project, we moved to Thailand. Managed the bookkeeping of the resource, processed the received content, and performed various technical work. In the summer of 2016, together with Anikeev, they created a company in Thailand that provides tourists with real estate rental services.

German Alexandrov

"Life", 01/30/17, "High-ranking officials appeared in the Shaltai-Boltai case"

Intelligence agencies are studying materials on representatives of government agencies and businessmen who collaborated with hackers or paid them for not disclosing compromising information about themselves.

The Shaltai Dumpty case promises to be the largest cybersecurity trial in Russia. As Life found out, currently 6 people have been arrested associated with hacking phones and instant messengers of officials and businessmen, and a dozen more people are under development. Among them are employees of large government agencies, who will soon be summoned for interrogation. The special services are also studying materials on those “opened” officials and businessmen who paid hackers belonging to the “Humpty Dumpty” group: they can become defendants in corruption cases. It was for the non-disclosure of this information that they could pay.

Lewis Carroll

On December 31, 2013, the Anonymous International hacker group, better known as Humpty Dumpty, published the president's New Year's address on its resource. This was the group's first statement about its activities.

Then the correspondence of Deputy Prime Minister Arkady Dvorkovich was posted by hackers, and the Twitter account of Prime Minister Dmitry Medvedev was opened. Correspondences of a number of major officials and businessmen were made public.

As an interlocutor familiar with the investigation told Life, the hackers from Shaltai-Boltai have come to the attention of the FSB since the beginning of 2014. The development and establishment of their personalities were carried out for almost three years.

And in October 2016, the founder of the group, a certain Lewis Carroll, was detained (the hackers took their names from the children's book Alice in Wonderland). It turned out to be journalist Vladimir Anikeev. He was detained not in St. Petersburg, as some media say, but practically on the border of Belarus and Russia.

He flew to Minsk by plane (from which country it is not known for certain) and then went by car to St. Petersburg.

After Anikeev drove along the highway the village of Ezerishche and crossed the border of Belarus and Russia, the special services detained him, - the source of Life notes.

The founder of "Humpty" often visited St. Petersburg. And he constantly stayed at the Angleterre Hotel, where the poet Sergei Yesenin once died. The craving for life in a big way and the desire for fame, by the way, led to the fact that Lewis Carroll was still declassified. While giving an interview to Meduza in Bangkok, which aired in January 2015, Lewis made the mistake of allowing the journalist to take a picture of his hat as confirmation that the interview was real. Silly, of course, confirmation. But before that, on his page on the VKontakte social network, Vladimir Anikeev exhibited photos from Bangkok in this hat.

After the arrest, Anikeev-Lewis made a deal with the investigation and told the FSB investigators about everyone who somehow worked and collaborated with Shaltai-Boltai.

Nothing personal, just business

Life's sources say that over the years of work to identify the members of the Anonymous International, it has been established that it was not just an association of altruists and supporters of goodness, truth and justice. The Shaltaevites worked in conjunction with officials, top managers of large companies and representatives of law enforcement agencies.

A serious base is documented. Over the years, it became clear who and what has to do with hackers. During the detention of Lewis Carroll, the information was confirmed. Performers, customers and founders have been established, - one of the interlocutors in the investigation notes.

Currently, 6 people are under arrest. Four detainees are known: journalist Vladimir Anikeev, head of the FSB Information Security Center Sergey Mikhailov and his right-hand man Dmitry Dokuchaev, and head of the Computer Incident Investigation Department at Kaspersky Lab Ruslan Stoyanov.

The last three were arrested after Anikeev's detention. Mikhailov and Dokuchaev have been charged with treason, while Anikeev and Stoyanov are charged with article 272 of the Criminal Code of the Russian Federation (“Illegal access to computer information”).

There are two versions of the cooperation between a high-ranking FSB officer and Shaltai-Boltai. According to the first, Mikhailov was instructed to establish who the "Anonymous International" was, and, having found out this, he led their work, which provided a significant profit to all participants. The blackmailing of officials and businessmen by their personal correspondence brought colossal dividends.

According to another version, initially "Humpty Dumpty" was created with the participation of the above-mentioned persons. But both versions say that the main ideology of the hacker group was "business" - extorting money from high-ranking officials.

According to Life, many civil servants and businessmen bought their correspondence even before it was put up for public auction. Hackers were paid by more than 30 officials (regional and federal) and representatives of the business community. More than a hundred victims of publications, who at least somehow appeared in correspondence.

"Humpty Dumpty" was also engaged in opening correspondence "on order". According to Life, the collected base can lead to any level of official and businessman who either collaborated with hackers or protected them. In the near future, some high-ranking representatives of state structures will be summoned for interrogation in the Shaltai-Boltai case.

Paying for Silence

According to the materials of the case, many Russian high-ranking officials and businessmen paid Shaltai-Boltai so that their correspondence would not only not be sold to others and not published, but that it would not even be put up for auction.

The correspondence of those who did not make a deal with hackers for two reasons was published - either the “opened” had nothing to hide, or they were sure that their roof was stronger and the publication of compromising evidence would not lead to their resignation or to other consequences. Those who were afraid of revealing some corruption schemes and their dishonest attitude towards partners were ready to pay huge sums of money for the silence of Shaltai.

With his victims, "Humpty Dumpty" worked according to several schemes.

As part of the first, “opened” officials or businessmen were immediately sent a message that hackers were ready not to publish correspondence for a certain amount. The amount was set, of course, by the hackers themselves. The official either agreed and paid, or refused.

According to the second scheme, the opened correspondence was put up for auction. A message was sent about this victim, and he had to give a larger amount than the other participants in the auction, if any.

The third scenario: an official or a businessman learned from an intermediary that he had been opened. And the mediator helped to negotiate with Shaltai Dumpty. If a person could not pay the established amount, then part of the correspondence was still exhibited, but not all.

Now, as part of the investigation of the Anonymous International case, the special services are also checking those who paid for the correspondence and materials of this correspondence, which may have a serious prospect in investigating the corruption schemes of officials and businessmen close to them.

Many of them paid just to ensure that information about corrupt deals and tenders in which they were tied up did not become public. Now it is possible that they will become defendants in cases - but not as victims, but as accused, - says a source in the investigation team.

How did you get "Humpty Dumpty"

The blackmail of the Russian establishment brought a high income, the group's popularity grew, but they were known by fictitious names from Alice in Wonderland. Glory seems to be there, but it is impersonal.

The members of Anonymous International did not hide the fact that they love Asia and periodically visit Vietnam, Thailand and Laos. Yes, and to meet with their victims or their representatives they sent messengers, who were followed by surveillance.

Some oligarchs and officials hired detectives, conducted their own investigation, the results of which also became known to the special services. Abroad, the Shaltaevites and those involved in them were led, among other things, by private foreign intelligence structures. The ring around the hackers was shrinking.

By the way, the fact that Tsargrad became the first media outlet that announced the connection of a high-ranking officer of the Information Security Center of the FSB of the Russian Federation with the Shaltai-Boltai hacker group is explained by the fact that the media owner Konstantin Malofeev is closely acquainted with a high-ranking official, whose correspondence was also opened "Humpty Dumpty", and at his request conducted his own investigation.

In addition, the same schemes used by Shaltay Dumpty itself were used - phishing letters through which they learned the passwords and logins of officials and businessmen, also through fake cells or fake Wi-Fi. For example, phishing emails were sent to the Internet addresses of the Shaltayevites, who fell into the hands of the special services. It was thanks to them that it was possible to connect the activities of the Central Security Bureau of the FSB, where Mikhailov worked, with Shaltai. The arrested Lewis Carroll finally confirmed the suspicion towards Mikhailov.

Ukraine and NGOs

A number of media outlets reported that members of Shaltai-Boltai worked with hackers from Cyberjunta, and Anikeev himself was very often in Ukraine.

The publication's sources explain that Shaltai-Boltai's only connection with Ukraine is a member of the Alisa group (the publication's real name is unknown). Alice is a former Kyiv prostitute. She, as a girl with low social responsibility, was still a kind of organizer of leisure at Shaltai: she “driven the girls” (since the guys didn’t particularly stand out in appearance and used the services of night butterflies), arranged trips, and had a large client base, in which were sometimes the right people.

There is no topic of Ukraine in the case materials. But the theme of Donbass is present. As Life found out, the Anonymous International servers are located on the territory of the DPR. These servers store all the information about Shaltai Dumpty's activities. Neither Russian nor Ukrainian law applies there. In fact, the territory is outside the legal field, which was very convenient for hackers. However, it will still be easy for the Russian security forces to seize the servers, unless there are those in this territory who have already eliminated all the information on the servers.

But the international theme also appears in this case. One of the defenders of those arrested are representatives of the human rights organization Team 29. According to some reports, this NGO is sponsored by the Soros Foundation, and the Shaltaevites themselves often visited the United States.

"Team 29" was created former employees Freedom of Information Foundation (IRSI). In 2014, the fund ceased its activities, as it was included by the Ministry of Justice in the register of foreign agents. By the way, the ex-wife of the head of Team 29, Ivan Pavlov, Jennifer Gaspard, was expelled from Russia on the basis of the conclusion of the FSB.

According to sources familiar with the investigation, the “Humpty Dumpty” case affects almost all parties. Russian politics. Yes, and during the investigation, data emerged pointing to famous and respected people.

All roles - the customer, the executor, the liaison, the guarantor, the witness, and so on - will be precisely established for each of the suspects. All those responsible will be punished, whatever their status. This case will definitely go to court, - says one of the interlocutors of the publication, emphasizing that those who are involved in the activities of the group are currently trying to present themselves as victims.

Alexander Zazykin

Vladimir Anikeev, who is considered the leader of the Anonymous International, could not help but incur the wrath of a serious department by writing a letter that was offensive to the Minister of Defense. "Humpty Dumpty" was not forgiven for the trolling of Sergei Shoigu and military counterintelligence.

"Anonymous International" hacked the correspondence of officials, politicians and businessmen for at least three years, for the time being - with impunity. "Fontanka" prompted the reason for the arrest of Anikeev, also known as Lewis. Apparently, this is not high treason, in which the officers of the FSB Information Security Center are accused, in which Lewis is not involved. He just didn't have to offend Sergei Shoigu, and then mock the army security officers.

"Humpty Dumpty", also posing as "Anonymous International", appeared on the Web at the very end of 2013. Since 2014, he began to play pranks seriously. Arrays of electronic correspondence attributed to Deputy Prime Minister Dvorkovich, top management of VTB, members of the Sosny cooperative and functionaries of the Young Guard of United Russia turned out to be available on the Internet. It was interesting to read. Fontanka told about some of them: stories and the Internet Research Agency associated with Yevgeny Prigozhin in Olgino.

The holiday did not last long. In subsequent years, "Humpty Dumpty" continued to delight with big names. Vladislav Surkov, the press secretary of the Prime Minister Natalya Timakova and Dmitry Medvedev himself, the reflections of a certain Yevgeny Viktorovich about the members of the tandem, the owner of News Media Ashot Gabrelyanov are far from full list. But there is less information. "Humpty Dumpty" took an open course for commerce and no longer laid out the full contents of electronic mailboxes. Two or three letters with shabby data for the seed - and welcome to the exchange, buy archives for bitcoins.

The authors of The Anonymous International remained elusive for the time being. In November 2016, Vladimir Anikeev, who introduced himself as Lewis, was detained - he was called the creator and inspirer. In December 2016, Sergey Mikhailov, head of the second operational department of the FSB Information Security Center, Dmitry Dokuchaev, an operative of the same department, and Ruslan Stoyanov, head of the computer incident investigation department from Kaspersky Lab, were arrested. It is assumed that Mikhailov and Dokuchaev were associated with Anikeev, although it is not clear which of them acted as a source of information. In January, Chekists and Stoyanov were charged with treason, and there was talk of a connection with the CIA.

As far as Fontanka knows, Vladimir Anikeev has nothing to do with the CIA, and the reason for the sharp reaction in the form of an arrest is excessive arrogance. If games with the correspondence of businessmen and even very high-ranking, but civil officials got away with it, then the military does not understand humor on the Web.

The call for Shaltai Dumpty may have rung in August 2015, when Anonymous International published an open letter to the head of the military counterintelligence department, Colonel-General Alexander Bezverkhny. Humpty Dumpty, demonstrating concern for the safety of military secrets, published several letters from the mailbox of Xenia Bolshakova, who served as secretary to the head of the construction department of the Ministry of Defense Roman Filimonov, the former vice-governor of St. Petersburg.

“We are regretfully convinced of the complete incompetence of employees of a number of departments of the Ministry of Defense of the Russian Federation in the field of information security, and more specifically, of criminal negligence. Through free mail services such as yandex.ru, mail.ru and the American gmail.com, unencrypted official documents were transmitted, often representing classified information related to the defense capability of the Russian Federation, ”wrote Humpty Dumpty. And he finished off: “In the records of the devices of Secretary Filimonov, Ksenia Bolshakova, there were passwords and access to the official mail servers of the Ministry of Defense. We note with sadness that if this information has become available to us, then with more Likely, it could also be available to the special services of a number of interested countries.

A complete archive of allegedly secret correspondence was put up on an electronic exchange for 350 bitcoins. Then one bitcoin cost less than 10 thousand rubles, today one bitcoin is 58.7 thousand rubles.

Anonymous International estimated its patriotism by half: “The array of Mr. Filimonov sold on the Information Exchange can be sold to military counterintelligence officers with a 50% discount. Subject to verification by us of these employees.

The signature said "Respectfully," but it looked fake.

It is not known whether anyone redeemed the letters from "Humpty Dumpty" and whether at the same time showed a counterintelligence certificate, but Anonymous International continued to mock with a comment on the stock exchange: “Sold. The lot was sold at a 50% discount.

According to Fontanka, Roman Filimonov was also offered to pay for the letters. He refused.

We do not know what words and to whom Defense Minister Sergei Shoigu spoke, but, as informed interlocutors assured us, both the content and the tone were extremely convincing. The Department of Military Counterintelligence received a command. Apparently, in the same 2015, the identities of the members of Anonymous International, who acted under the names of the characters in Alice in Wonderland, were not a secret.

The Information Security Center of the FSB, whose people now flicker in conjunction with "Shaltai", most likely was engaged in "Anonymous International" in parallel and came into contact with Anikeev. How their relationship developed and who acted as a source of information is not yet clear. The interest could be mutual.

In November 2016, Anikeev, who was in Ukraine, according to Fontanka, was invited to a meeting in St. Petersburg. With whom? Either with the employees of the Central Intelligence Agency, or with the Chekists from the Department of Military Counterintelligence, since it seems that both of them were playing their game with him. Anikeev, agreeing to a conversation, then panicked, instead of an airplane he used a car, and he was detained out of harm's way at the Russian-Belarusian border. The choice, obviously, was not too rich: extortion or illegal access to computer information. Judging by the fact that, according to the media, he actively testifies and agreed to a deal with the investigation, you already guessed what he chose.

What is interesting is who is behind Lewis. Unless, of course, he is not an independent figure. Employees of the Central Information Bureau of the FSB are not suitable for this role - Anikeev contacted them, having already become Lewis.

Anikeev's biography does not give an answer. Of course, he is not a journalist. Although he worked in a related field, he professionally worked with information in one of the information and analytical agencies until 2013. As the acquaintances of the future Lewis assure Fontanka, he was not a computer genius and preferred old-fashioned but reliable methods: personal acquaintances, conversations over a glass of whiskey. Indeed, as noted earlier, he was not indifferent to the female sex.

It is authentically known that Anikeev left the employer in the middle of 2013. A few months later, "Humpty Dumpty" declared itself. Lewis practically left St. Petersburg. Whether he was in charge of the Anonymous International, we do not know. Those who knew him a few years ago remark: "Not a leader." It is impossible to calculate what amounts Shaltai-Boltai could bring from blackmail on the Web, but it is noticeable that Anikeev did not demonstrate overconsumption. Lived mostly in a house in Pattaya, with his wife and dog. I visited Momento Beach Restaurant, where they charge 7-15 dollars for a dish. From time to time I visited the island of Koh Chang with my wife, where I stayed in the "fours" without pretensions - Koh Chang Sea View Resort and Cliff resort. If I had limited myself to civilians, maybe I would have lived there further.

Denis Korotkov, Fontanka.ru