Stories from Quick Reads and RuNet Echo
Some pro-Russian videos appear to have gone viral, and not in a good sense. Motherboard reports that a group of unknown hackers has been infecting Internet users’ computers with viruses and using them to inflate views on news videos with a pro-Russian slant, as well as some other content.
New research by security firm Trustwave shows that victims got infected by visiting a compromised website that installed an exploit kit (an off-the-shelf software package allowing for easy attacks) on their computer, along with a trojan virus. The infected computers would then stealthily rack up views on the videos.
The videos identified by the researchers all appear to be pro-Russian, such as a one from the Iranian English-language broadcaster PressTV that quotes a Russian Parliament member justifying the annexation of Crimea. The goal of the operation, according to Trustwave researchers Rami Kogan and Arseny Levin, was to artificially increase the popularity of a video and make it more visible to users of the site Dailymotion.
Trustwave experts say the suspicious videos all share the same traits: they all have a fairly high number of views (around 320K, most of them within minutes of each other) but no social media shares or comments. By artificially inflating the clip's popularity, the fraudsters also make the video more visible to other users of the video site.
Using bots to generate fake traffic to video clips is nothing new. It is a technique to raise a clip's popularity score and achieve higher visibility. However, this is the first time we've observed the tactic used to promote video clips with a seemingly political agenda.
Both Trustwave analysts and independent security researchers told Motherboard that using malware for political aims was new, but that such ‘invisible propaganda’ could be very effective, as only its results were visible,but not the fraudulent mechanisms behind them.
“We have seen hacks that are motivated by money and other ‘hacktivist’ attacks that are motivated by politics,” Karl Sigler, the threat intelligence manager at Trustwave, told Motherboard. “This current campaign shows that those two motivations are starting to evolve and blend together.”
While it is unclear who is behind the campaign, Trustware experts speculate that those who spread the exploit kit and the malware simply aimed to make money, and that someone else paid them to add fake views to pro-Russian propaganda videos.
Internet Ombudsman Dmitry Marinichev has written a letter to President Vladimir Putin, proposing amendments to the new data retention law and suggesting that Russians’ personal data could be stored abroad with the permission of the owners.
Russian Legal Information Agency (RAPSI) reports:
Marinichev has proposed allowing foreign online companies to store Russians’ personal data in a country that is a signatory to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, according to Izvestia.
A total of 46 countries have ratified the convention, including Russia, the UK, France, Germany, Italy and Spain, as well as post-Soviet countries including Azerbaijan, Armenia, Georgia, Latvia, Lithuania, Moldova and Ukraine.
“We don’t want to lose global online services, which will be unable to operate in Russia unless the law is amended. I suggest that amendments be discussed with the expert community,” Marinichev said, as quoted by Izvestia.
The data retention law that requires social networking sites and foreign companies providing Internet services (like airline tickets and consumer goods sales) in Russia to store Russians’ personal data on servers inside the Russian Federation, will come into effect on September 1.
An unlikely event occurred in Moscow last week, when police chased a towing truck hauling a bright yellow minivan through the Red Square in the heart of the capital.
The car chase drew many spectators, not in the least because no cars, motorbikes, or bicycles are allowed on the Red Square. And where there are spectators with smartphones, there are always photos.
— События дня (@GazetaRu) February 25, 2015
A towing truck with a minivan broke through to the Red Square—photo report:
The story only got weirder from there, as it turned out the towing truck was hijacked by the indignant owner of the very minivan it was attempting to tow. Reportedly, the man attacked the towing truck's driver and them drove off.
Хозяин машины, помещенной на эвакуатор, сам отобрал эвакуатор и выехал на нем на Красную площадь pic.twitter.com/4lMbi9J1Hw
— RIP Новости (@riarip) February 25, 2015
“The owner of the minivan that was on the towing truck hijacked the truck himself and drove into the Red Square.
Some Twitter users noted the color scheme of the two cars was reminiscent of the Ukrainian flag and drew immediate parallels with the ongoing confrontation between Ukraine and Russia.
Эвакуатор цветов украинского флага устроил протестное катание перед носом Путла по Красной площади pic.twitter.com/2MLLcKhRka
— Європейський вибір (@European_choice) February 25, 2015
“A towing truck in Ukrainian colors staged a protest ride under Putlo's [Putin's] nose in the Red Square.”
Police pursued the hijacker, but he led them on quite a merry chase before they managed to stop him. Because the Red Square is one of the most popular tourist locations not only in Moscow, but in all of Russia, the event was also caught on video.
Полиция и эвакуатор устроили погоню на Красной площади: http://t.co/paEuXNA7Z3
— Djigit of the USSR (@Djigit_USSR) February 25, 2015
Police and a towing truck in hot pursuit in the Red Square:
The ban on access to the Red Square for motorized vehicles has been in place since 1963, when it was instituted in order to preserve the pedestrian area for the hordes of tourists admiring the views. Apparently, though, the ban does little to prevent daredevils like the towing truck hijacker from driving right through the heart of downtown Moscow—and going viral on social media while doing so.
IP addresses inside the Russian government continue to be active on Wikipedia, where a computer at the Russian Secret Service, the FSO, revised the German entry for Malaysia Airlines Flight 17, changing the word “separatists” into “rebels.” The Twitter bot @RuGovEdits, which automatically logs all Wikipedia edits made from Russian government IP addresses, caught five separate attempts by an FSO computer this morning to make the “rebels” language stick. The effort failed. German Wikipedia editors reverted the article's language to the original text, every time.
A Russian chocolate company in Novosibirsk has released a new candy bar called “The Crimea” with the slogan, “Just try to grab it!” A product announcement shared with the press features a super-hero character wearing the colors of the Russian flag, standing before a map of Crimea, with the following tagline:
Даже в то время, когда страна принимает непростые решения, мы не перестаем улыбаться. Потому что мы—Россияне!
Even in times when the country is making difficult decisions, we never stop smiling. That's because we are Russians!
The company responsible for this new confection, “Chocolate Traditions,” has produced other specially themed sweets. Earlier this year, it announced a fudge bar called “the Viagra.” There are also several holiday-themed candy collections, for Victory Day, Women's Day, and so on. One kilogram (2.2 pounds) of the Crimea chocolates costs 130 rubles (about $4).
Russian Internet users have showed great interest in the new Crimea-themed candy bar. According to Yandex's blogs search engine, the past few hours have seen over a thousand posts on the subject. Many Russians have noticed that the chocolate bars expire after ten months, leading several bloggers to joke that Russia's occupation of Crimea won't last another year.
В российских конфетах “Крым – а ну-ка, отбери” срок годности 10 месяцев. В январе Крым вновь станет украинским. pic.twitter.com/10y2Zhd4uu
— Льовочкинъ (@slevo4kin) June 5, 2014
The Russian candy “Crimea—just try to grab it” has a shelf life of 10 months. In January, Crimea will become Ukrainian again.
Ukrainian graffiti and street art, previously visible mostly to Ukrainians and tourists walking the streets of Ukrainian cities, is now available to Internet users across the globe. Google Art Project, an extensive online collection of works of art of different genres and periods, curated by the Google Cultural Institute, now features a collection of Ukrainian street art.
Street art first appeared on Google Art Project in June 2014, and today the website features over 10 000 high resolution works of street art from 86 artistic collectives in 34 countries. The newly added Ukrainian works come from participants of “Respublica,” an international street art festival, and add to an extensive collection of captured images in an attempt to archive graffiti and murals before they disappear.
Стріт-арт перетворює вулиці міст у відкриті галереї. На жаль, ця форма мистецтва є дуже ефемерною – вона може існувати сьогодні, а вже завтра зникне назавжди. За допомогою Google Art Project ми намагаємось зберегти вуличні шедеври та зробити їх доступними для всіх.
Street art turns the city streets into open galleries. Unfortunately, this art form is rather ephemeral—it can exist today, and be gone forever tomorrow. With Google Art Project, we try to preserve the street masterpieces and make them accessible to everyone.
Vladimir Yakovlev, the founder of Kommersant newspaper and former editor of Snob website, is raising funds for a new Russian independent media project on the crowdfunding platform Kickstarter. The project's description on the Kickstarter page claims the goal is to create a media outlet that will counteract the Russian “state propaganda machine” and help “turn zombies back into people.”
Russia today is torn by hatred caused by a multimillion-dollar state propaganda machine. This is a real danger for an entire world as we know it.
People hate each other. They have a terrible delusion that Russia is surrounded by enemies. Recent murder of opposition politician Boris Nemtsov is just one of numerous casualties of state-funded hatred campaign.
Now, more than ever, we need a new independent media to unite the best journalists by common goal: to stop propaganda of hatred; to find a way to resist the madness that is tearing apart an entire country bringing it closer and closer to a horrible social disaster.
I want to start this new media project as soon as possible. It will be a powerful, formidable, effective multi-media platform free of political control and Kremlin power.
If Kremlin media is so good in turning people into zombies, why can’t we create a media to turn zombies back to people?
As the world watches Russian soldiers and Russian-backed separatists occupy Ukrainian administration buildings, cities, and even an entire peninsula, a group of Ukrainian hackers is fighting back by launching an invasion of their own.
Since this summer, Ukrainian hacker Yevgeniy Dokukin and his group of fellow computer pros calling themselves Ukrainian Cyber Forces have carried out “Operation Bond, James Bond,” in which they leaked web camera and security footage from Crimea, separatist-held areas of eastern Ukraine, and even government offices in Russia. Dokukin and the Ukrainian Cyber Forces have been leaking videos from cameras for months now, including a video supposedly from a separatist base in Donetsk.
A few weeks ago, Dokukin and his allies took up new weapons in their cyberwar: printers. In a series of Facebook posts, Dokukin has explained how, after accessing private WiFi networks, the Ukrainian Cyber Forces were able to print documents on vulnerable networked printers in various offices in Crimea and separatist-held areas in eastern Ukraine, and were now trying to do the same in Russian networks.
— MustLive (@MustLiveUA) December 8, 2014
#UkrainianCyberForces have begun occupying networked printers in Donbas and in Crimea.
As Dokukin told RuNet Echo, he sees the wasted ink and paper in Russia as a variant on Ukraine’s own “economic sanctions” aimed at its neighbor. The messages appearing on these printers vary, but they share a common theme:
Якщо ваш мережевий принтер передасть “вітання Путіну” чи надрукує “Слава Україні!” та інші цікаві надписи, то знайте, що він під нашим контролем.
If your network printer passes along “greetings to Putin” or prints “Glory to Ukraine!” or other interesting messages, then you know that it is under our control.
Not all of Dokukin’s printer messages were meant to be confrontational. Recently, the Ukrainian Cyber Forces accessed an open network printer in Canada—an especially strong ally of Ukraine throughout the ongoing crisis—and printed the message “Thanks for supporting Ukraine!” in English.
As Russia increases its support of information warfare, including slick redesigns of its news agencies and propping up fake Ukrainian news sites, Ukrainian Cyber Forces are taking the trolling and information war to their opponents—and their offices—more directly.
Ukraine's new foreign minister, Pavlo Klimkin, is in hot water on the Russian Internet today, where bloggers are drawing attention to his first subscriptions on Twitter. RuNet users have noticed that some of the first accounts Klimkin chose to follow are US politicians John McCain and Mitt Romney, the neoconservative American think tanks the Foreign Policy Institute and the Lugar Center, and the US State Department itself. Serving a new government in Kiev that Moscow regularly accuses of kowtowing to Washington, Klimkin has provided critics of Ukraine with fresh ammunition in the information war between Russia and the West.
The anonymous LiveJournal blog hardingush, run by a member of Russia's Ministry of the Interior special forces operating in Ingushetia, is now closed. RuNet Echo has previously highlighted [Global Voices report] this blog as part of its series that focuses on bloggers in the volatile North Caucasus. The blog had been ranked one the most popular in the North Caucasus’ blogosphere, and at the height of its popularity was one of the most highly rated LiveJournal blogs in Russia, receiving hundreds of comments per single blog entry.
Many had speculated about the hardingush's origins, with some bloggers wondering if the whole blog wasn't simply a very well made public relations stunt on the part of Russia's security apparatus. hardingush had previously closed his LiveJournal, but resumed blogging under a different account — molonlabe. Currently the original page shows only one post, about dogs. The link to the mirror site, molonlabe is in the comments. There, in his final post, HardIngush writes:
У меня для постоянных читателей блога есть не очень приятное известие. Ну, я, собственно, предупреждал об этом раньше. По ряду причин дальнейшие публикации в этом блоге невозможны. Короче, это последний пост в моем блоге. Никому не нужны проблемы, а я тем более их не люблю сам себе создавать.
I have not so good news for the regular readers of the blog. Well, actually, I was warned about it previously. For several reasons, further posts on this blog are impossible. In short, this is the last post on my blog. Nobody wants problems, and I especially do not like to create them for myself.
He is probably talking about the fact that his profile has become publicly visible — to the point where there have been numerous attempts to deanonymize him. He concludes:
Спасибо вам, что были со мной все это время. И помните, пока мы есть – у террористов нет шансов в России. Дураки не погубили страну, куда там отмороженным фанатикам.
Thanks to all who have been with me all this time. And remember, as long as we exist – the terrorists do not have a chance in Russia. Fools couldn't not ruined the country where there are frostbitten fanatics.
Was hardingush a conscientious special forces officer who just wanted people to understand him and his work, as he portrayed himself? Or was he a successful media project? His true identity will probably never be known, and neither will his motivation for blogging.