Russian Satellite Hit by WAGNER Hackers

This post is also available in: עברית (Hebrew)

The Dozor-Teleport is a Russian satellite communications provider used by the country’s Ministry of Defense and security services. It was recently hit by hackers aligned with the private military corporation group Wagner.

According to information provided by Cybernews, the attackers targeted the infrastructure of the satellite’s communication provider and damaged user terminals. According to the IODA project, the Dozor network has been down for 14 hours. The satellite is used by Russia’s Ministry of Defense, ships of the Northern Fleet, the Federal Security Service, Rosatom and other organizations.

Officials working in Viasat said the cyberattack was done by compromising and exploiting systems that manage customer terminals. The incident affected tens of thousands of terminals across Europe, which demonstrates the dangers of relying on communications via commercial satellites.

Interestingly enough, it seems that the culprits behind the attack are trying to portray themselves as associated with Yevgeny Prigozhin-led PMC Wagner. Earlier this week, researchers discovered a ransomware strain called Wagner that infects user devices and invites them to join the PMC Wagner.

According to Cybernews, the attackers supposedly defaced several Russian websites, publishing a message from the PMC Wagner claiming responsibility for the attacks. However, the Telegram page of the supposed attackers is not the same one used by PMC Wagner.

If this attack is confirmed, it would not be the first time that hackers have targeted Russian satellite networks. Just last year pro-Ukrainian hackers claimed they gained access to Gonets, a Russian low Earth orbit (LEO) satellite communications network, and deleted a database that was crucial to its functioning.