iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Hackers calling themselves the Russian Cyber Army Team have targeted Book Maxi Cab Melbourne.
A gang of Russian hackers claims to have successfully breached several files and documents belonging to a Melbourne taxi hire service.
The Russian Cyber Army Team made the claim on its Telegram channel on 6 January, publishing two screenshots of Excel spreadsheets – one called “contact” and the other “Ip_list”.
In a follow-up post, the hackers posted a 701-kilobyte Zip archive called dumpAustralia.zip.
Both comments feature the hashtag #FromCyberArmyWithLove.
The archive itself includes the two Excel files featured in the previous post, as well as several other files. But while most have only a few admin entries or are small .bin files, the two larger Excel files feature more problematic content.
The Ip-List file features just that – the IP addresses of a large number of organisations from around the world, as well as their latitude and longitude and postcodes. Included in the more than 6,000 lines are organisations from around Australia, the US, and even France and Russia. There are, however, several duplicate entries.
The file called contact, however, contains more than 10,600 entries detailing pick-up and drop-off addresses, customer names and contact details, email addresses, phone numbers, and booking comments. Again, there are several duplications of entries, and a number of entries that appear to be tests of Book Maxi Cab Melbourne’s booking systems, but there are still many thousands of what appear to be genuine booking details.
The entries date from 2019 to the first week of January 2024. No financial or credit card data was included in the leaked material.
Who are the Russian Army Cyber Team?
The Russian Army Cyber Team is a relatively unknown hacking collective. Its Telegram channel was created on 26 August 2023, though the first few posts are reposts from other Russian-language channels.
The first original post in the channel regards the group’s first hacking operation, which was made on the same day the channel was created.
“Good morning, Cyber Fighters!” the post said. “We are attacking the Teroborona website. The IP is hidden, we find the URL using search queries.”
The Teroborona is Ukraine’s civil defence militia.
The group seems to be largely opportunistic in its targeting and has attacked organisations in Ukraine, Germany, Latvia, Moldova, the US, and Spain, along with other countries openly supporting Ukraine in its war against Russia. The group may also have some ties to Russian security services if a recent post is anything to go by.
“Dear hackers of the Russian Federation,” a group spokesperson posted on 6 January. “FSB officers are announcing a hunt for individuals who post the following information on the internet on any platform:
1) Record video of the movements of Russian military personnel
2) Taking photographs of Russian military personnel
3) Filming military equipment.”
The FSB is Russia’s Federal Security Service, which is thought to be linked to several criminal hacking groups, as well as running its own internal operators.
As to techniques and tactics, the Russian Cyber Army Team generally focuses on distributed denial-of-service (DDoS) attacks with the occasional data breach thrown in. In January 2024 alone, the group claims to have disrupted websites in Ukraine and Latvia, while publishing data from both Book Maxi Cab Melbourne and LPG Gruppen, a Norwegian oil and gas company.
Cyber Daily has reached out to Book Maxi Cab Melbourne for comment.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
