A supply chain nightmare with a big reveal. Contractor to Russia’s Federal Security Service (FSB), SyTech, was hacked with 7.5TB of sensitive data exfiltrated --- exposing several projects designed to spy on users. Hacking group 0v1ru$ broke into SyTech’s Active Directory server and then breached the entire network, including a JIRA instance. But the most alarming discovery was on a project called Nautilus-S aiming to de-anonymize Tor using rogue servers. 

ZDNet briefly outlines other projects discovered in the take, including collecting data on social media users, penetrating P2P networks, monitoring email communications of Russian companies, investigating the topology of the Russian internet in relation to other countries’ networks, and secretly tracking information of highly sensitive state officials, judges and figures.