Anonymous news – live: Hacking attacks and cyber warfare could lead Russia to cut itself off from the internet

In order to get around internet restrictions, Russian users have been downloading VPNs in order to access content from other nations.

Data from Atlas VPN claims that installs have risen by 1,90 per cent over the last few days so that users can continue to use services unrestricted.

“The start of physical attacks in Ukraine on February 24 gave rise to the never-seen-before upsurge in VPN demand. VPN installs reached record heights one day after another”, the company states.

“On February 25, VPN installs rose by 24 per cent above the average. The next day, on February 26, VPN installs originating from Russia sky-rocketed by 1,076 per cent over the norm. Still, this was not the end, as the following day, VPN installs went off the charts, soaring 1,906 per cent higher than the mean.”

Reddit also quarantined its r/Russia subreddit for spreading misinformation, as well as the smaller subreddit r/RussiaPolitics - merely days after it was created in to discuss the politics of the invasion.

“We are clear in our policies that moderators and users may not attempt to manipulate and interfere with the conversations or communities on our platform,” a Reddit spokesperson told Mashable.

“In line with these policies, we have quarantined r/Russia and r/RussiaPolitics and removed a moderator for acting in bad faith. We have connected directly with the remaining moderators to provide guidance and remind them of our policies. We will continue to monitor the situation and take additional steps as needed.”

A group affiliated with Anonymous called NB6 has claimed to have hacked Roscosmos, Russia’s space agency.

“#Russia has no more control over their own Spy-Satelites”, an Anonymous Twitter account posted.

The Independent has not been able to confirm the accuracy of these claims, and the space agency’s chief executive has denied that it has been affected.

Dmitry Rogozin said Wednesday that any claims of a hack are made by “fraudsters and pretty swindlers” and that “all our space control centers operate as usual".

Mr Rogozin has said previously that control of the Russian space industry, orbital group and the Russian International Space Station segment are thoroughly protected and isolated by cyber criminals, but threatened that sanctions placed against Russia could have a damaging effect on the ISS.

“If you block cooperation with us, who will save the ISS from an uncontrolled deorbit and fall into the United States and Europe?” the space chief tweeted on Friday.

SpaceX chief Elon Musk, in response to the comment, said his company would step in to assist the station. Nasa has said it would “make every effort to continue as before … [despite] disagreements between our countries”.

Russian hackers also changed the messages on electric vehicle charging stations to hurl curses at Vladimir Putin.

The chargers along the M11 motorway, which runs between Moscow and St Petersburg, were disabled and started to display pro-Ukrainian messages, according to social media users.

“Glory to Ukraine / Glory to the heroes / Putin is a d***head / Death to the enemy,” the message reportedly read.

A Ukrainian cyber resistance group said it planned to attack key Russian infrastructure, including the railways and electricity grid, to retaliate against Moscow’s invasion of the country.

Yegor Aushev, a local cybersecurity expert, said on Monday that he planned to organise a group of hackers in Ukraine to defend against Russia, Reuters reported. The targets would include infrastructure that helped Russians bring weapons to Ukraine for the invasion.

“Everything that might stop the war. The goal is to make it impossible to bring these weapons to our country,” he was quoted as saying.

A “likely” cyber attack from a “nation-state” using a Ukrainian soldier’s email address has been used to try and disrupt European officials’ attempts to help refugees fleeing the country from Russia’s invasion.

The “state sponsored phishing campaign”, whereby login credentials and other user data are stolen by hackers, appeared to use the email address to send a malicious micro attachment to the Emergency Meeting of the NATO Security Council that took place on 23 February.

While the researchers cannot “definitively attribute” this campaign, they believe that it is from the threat actor TA445 (aka Ghostwriter/UNC1151).

This is based on the timeline of the attack, use of compromised sender addresses that align with Ukrainian government reports, and the victimology of the campaign align with previous attempts made by TA445 in 2021 with regards to Belarus funnelling refugees to the Polish border.

Moscow has threatened to block access to Wikipedia’s Russian-language site over an article about Vladimir Putin’s invasion of Ukraine.

Amid widespread reports that Russia’s war is not going to plan, Moscow further tightened its grip on the information available to its populace on Tuesday and attacked Google and Meta as “foreign instigators of war”, after they also clamped down on Kremlin-backed media outlets.

Having ordered independent media outlets last week to remove references to Russia’s “assault, invasion, or declaration of war” or face being blocked and fined, the Russian media watchdog – Roskomnadzor – has now issued a similar threat to Wikipedia.

Wikimedia Russia confirmed to The Independent on Wednesday that it had received the threat from Moscow’s communications regulator, which was published on the former’s website.

Ukraine has asked two international internet bodies to remove Russia from the internet.

Two representatives for Ukraine, Andrii Nabok and deputy prime minister Mykhailo Fedorov, emailed the Internet Corporation for Assigned Names and Numbers (ICANN) and Réseaux IP Européens Network Coordination Centre (RIPE NCC) to “introduce strict sanctions against the Russian Federation in the field of DNS regulation”.

The government officials claim that Russia’s invasion of Ukraine violates the Geneva Conventions, but the “atrocious crimes” have been achieved due to “the Russian propaganda machinery using websites continuously spreading disinformation, hate speech, promoting violence and hiding the truth”.

The letter also says that Ukraine’s IT infrastructure has been attacked numerous times by Russia – which has caused the country to recruit a volunteer cyber army – and that Russia’s aggression could beget nuclear war.

It demands the organisations “revoke, permanently or temporarily, the domains ‘.ru’, ‘.рф’ and ‘.su’”, as well as revoking SSL certificates and shutting down domain name servers – commonly described as the address book of the internet - in Russia.

Russia will refuse to launch UK satellites unless the government agrees to its demands, its space agency has said.

Roscosmos is due to launch a host of satellites this week on behalf of OneWeb, a firm part-owned by the UK government, in a deal agreed before the escalation of tensions. It has become something of a test of whether international co-operation in space will continue amid growing aggression on the ground.

Russia had already said that it would only launch the satellites if OneWeb would guarantee that they would not be used for military purposes. Dmitry Rogozin, the head of Roscosmos, also said in the same TV interview that OneWeb had paid in full for the launch and Russia would keep that fee whether the launch went ahead or not.

Now Roscosmos has announced new demands, requiring that the UK government sell its stake in the firm before the launch can go ahead on 5 March.

“Due to the UK’s hostile stance towards Russia, another condition for the launch of OneWeb spacecraft on March 5 is the withdrawal of the British government from the shareholders of OneWeb,” the Russian space agency said in a tweet.

A “likely” cyber attack from a “nation-state” using a Ukrainian soldier’s email address has been used to try and disrupt European officials’ attempts to help refugees fleeing the country from Russia’s invasion.

The “state sponsored phishing campaign”, whereby login credentials and other user data are stolen by hackers, appeared to use the email address to send a malicious micro attachment to the Emergency Meeting of the NATO Security Council that took place on 23 February.

The intention seems to be to trick government personal tasked with managing transportation of refugees into downloading the Lua malware ‘SunSeed’, according to cybersecurity researchers at Proofpoint.

While the researchers cannot “definitively attribute” this campaign, they believe that it is from the threat actor TA445 (aka Ghostwriter/UNC1151).

This is based on the timeline of the attack, use of compromised sender addresses that align with Ukrainian government reports, and the victimology of the campaign align with previous attempts made by TA445 in 2021 with regards to Belarus funnelling refugees to the Polish border.