NOTE: This post has multiple updates at the bottom.
So my mom called last night and asked me “How’s things, anything interesting going on with you?” I replied, “Ahh you know nothing much. Plodding along”. She has no idea I even have a blog, and if I told her she wouldn’t have a clue what I was jabbering about anyhow.
Last Friday evening, I decided to give Russia a little gentle prod. Nothing too spectacular, just a message that all their meddling in US affairs, up to and including their salvos in Cyber against US targets wasn’t going unnoticed. It’s a dirty job, but someone’s gotta do it.
My ‘message’ came in the form of a simple XSS injection, made possible by a vulnerability in the Russian Ministry of Foreign Affairs website. This flaw allowed me to put the following message ‘on their site’ – Screenshot:
It’s not rocket salad, but it is simple and effective. Let me explain how effective. Now any security researcher who dissects this ‘attack’ will be able to tell you that while it was a valid exploitation of an XSS vulnerability, the target site was in no way damaged or breached. No credentials were stolen or cracked, and nothing was taken from, or put into the back-end database. In effect, no harm, no foul. Because who wants to spend the next 70 years in a Siberian gulag? Not fuckin’ me, that’s who. This was the cyber equivalent of driving by the Rooskie Embassy and flipping them the bird. You know like Mav & Goose so righteously did in Top Gun. I mean Mother Russia should have known this, but clearly they’re awful jumpy. I don’t know what they’re running over there, but no shit, the paranoia is clearly YUGE. The last time I hacked a Compaq Presario running Kaspersky AV, I needed a blowtorch and wood glue.
CNN first covered the incident right here, (and since many other places) where I explained it was a simple XSS injection, and they reported the incident correctly. This was not meant to be an earth-shattering mega-hack. It was a gentle light-hearted message, for which I do not apologize.
… that didn’t stop the Russian Government spokesperson for the Ministry of Foreign Affairs from freaking the fuck out, and screeching to Kremlin mouthpiece – Russia Today with the following hilarious statements:
“The website has been hacked, by whom – that’s what experts are trying to figure out.” – Well, that’s not too hard, I already told you. Also “experts are now checking what happened to the website” – well, lemme break it down, nothing ‘happened’ to the website.
I grabbed ‘at-the-time-of-writing screenshots’ for you guys (below) because they keep updating the original article – trying to backpedal and minimize the incident after scurrying around trying to work things out, and unscrambling the jets. I guess now we have an idea of the state of their cyber-preparedness, or lack thereof given the weapon-grade meltdown Foreign Ministry Spokesperson Maria Zakharova displayed to the world. The more you know huh?
As you can see from the two versions above, they’re in somewhat of a tailspin. But at least the Russian propaganda machine finally spun up and kicked in, after it was too late, with “the hack may or may not have happened but if it did happen, or didn’t happen, it didn’t happen on anything important, it was an old defunct site where the hack that may or may not have happened, happened, or not.” – Or fucking something.
The key takeaway here is that Russia, possibly for the first time EVER out-propagandered THEMSELVES and admitted via their OWN national media, that they got ‘dinged’, or more accurately – punk’d in Cyber, by a man in a jingly hat.
In this current climate of all-out propaganda wars on the internet between Russia and the US, I’ll be notching that up as a win. In fact, it’s a win-win, as no animals were harmed during the making of this incident.
How do you poke a Russian Bear in the eye? – Gently wave a stick in front of his face until he has no choice but to run into it.
I guess you can equate this whole thing to the Doolittle Raid after Pearl Harbor, where the effect of the attack greatly outweighed the damage caused. And beyond that… fuckem if they can’t take a joke.
Sidenote: Stunning how many Trump followers have been all up in my grill since this episode. It’s almost like they know something we don’t.
UPDATE 10/23/2016 – It appears they are still trying to get their spin straight. Here’s the latest from ITAR-TASS the Russian News Agency. They seem to be claiming that no hack occurred, BUT if it did occur it was “a cyber-machine of destruction Biden and McFaul have spoken about”. I know it’s confusing, but trust me when I say nobody is more confused than Russia right now. But either way, I guess I don’t need to pack my fleece for the Siberian Gulag… any time soon. I think it could prove ‘problematic’ even for Mother Russia, to make a case against an individual after they not once, but twice via two national media outlets, stated that the ‘crime’ didn’t happen. But I’ll be keeping a lookout for dudes with Polonium-tipped umbrellas. So I guess I’ll just ‘keep calm and carry on’, because in Soviet Russia… calm keeps YOU.
But hey, who am I to chuckle at the enemy when they pee their pants on the battlefield. It’s some serious shit. Who wouldn’t?
So to recap: “They’re investigating a hack that didn’t happen, but if it did happen it happened on an ‘old’ Foreign Affairs Ministry site, and this hack that didn’t happen was carried out by a ‘US Cyber-Machine of Destruction’. But it didn’t happen and if it did it was on an old site they no longer care about….. so nyah nyah nyahhny nyah.” Here’s a screenshot, just in case they respin it (again).
It’s almost as if Kremlin controlled Russian State media outlets are suddenly engaged in a ‘Propaganda War’…. with themselves. Nyet?
If she looks confused, she’s not. She always looks like that. Okay?
I guess it’s time for me to ‘fess up’ regarding this entire ‘episode’. Before now, I didn’t want to interrupt the enemy while they were making a mistake. You know how it is. My intentions were not to embarrass the Russian Government as outlined above, although it was an unexpected bonus, no doubt about that. Let’s get one thing straight, the Russians are engaging in cyber operations against us, including hacking our infrastructure in order to affect OUR election to get the most pliable person in office whom they can manipulate easily. As I pointed out briefly a few weeks ago here. 17 US intel agencies have already confirmed this fact. You can google that for yourselves.
My end-game for this ‘episode’ was to draw fire from the RUSSIAN ‘cyber-machine of destruction’ (as they refer to it) in order to collect intel on their latest TTP or for regular people ‘Tools, Techniques and Procedures’. In this regard, things are going pretty well. Here’s my threat metrics (who’s attacking me and how) for this very blog you are reading over the last 24hr period – between yesterday and today (Monday 24th October and Tuesday 25th October), just 2 days after the Russian Government had their weapons-grade meltdown:
Yes that’s almost 14K different attacks on this very site in 24hrs. Look at the top culprit. That’s a lotta fucking chapped ass over something they say didn’t happen.
There’s no point ‘being good at ’puters’ if you don’t got no strategy game.
“Now I have a machine gun too. Ho – Ho – Ho” – Hans Gruber