A Russian telecom firm that develops know-how to permit cellphone and web corporations to conduct internet surveillance and censorship was hacked, had its web site defaced, and had information stolen from its servers, TechCrunch has discovered.
Based in Russia, Protei makes telecommunications programs for cellphone and web suppliers throughout dozens of nations, together with Bahrain, Italy, Kazakhstan, Mexico, Pakistan and far of central Africa. The corporate, now headquartered in Jordan, sells video conferencing know-how and web connectivity options, in addition to surveillance gear and web-filtering merchandise, similar to deep packet inspection programs.
It’s not clear precisely when or how Protei was hacked, however a copy of the corporate’s web site saved on the Web Archive’s Wayback Machine exhibits it was defaced on November 8. The web site was restored quickly after.
In the course of the breach, the hacker obtained the contents of Protei’s internet server — round 182 gigabytes of recordsdata — together with emails courting again years.
A replica of Protei’s information was supplied to DDoSecrets, a non-profit transparency collective that indexes leaked datasets within the public curiosity, together with information from legislation enforcement, authorities businesses, and corporations concerned within the surveillance business.
Mohammad Jalal, the managing director of Protei’s department in Jordan, didn’t reply to a request for remark concerning the breach.
The id of the hacker isn’t recognized, nor their motivations, however the defaced web site learn: “another DPI/SORM provider bites the dust.” The message probably references the corporate’s gross sales of deep packet inspection programs and different web filtering know-how for the Russian-developed lawful intercept system generally known as SORM.
SORM is the principle lawful intercept system used throughout Russia in addition to a number of different international locations which use Russian know-how. Cellphone and web suppliers set up SORM gear on their networks, which permits their nation’s governments to acquire the contents of calls, textual content messages and internet searching information of the networks’ prospects.
Deep-packet inspection gadgets enable telecom corporations to determine and filter internet site visitors relying on its supply, similar to a social media web site or a selected messaging app, and selectively block entry. These programs are used for surveillance and censorship in areas the place freedom of speech and expression are restricted.
Citizen Lab reported in 2023 that Iranian telecoms big Ariantel had consulted with Protei about know-how for logging web site visitors and blocking entry to sure web sites. Paperwork seen and revealed by Citizen Lab present that Protei touted its know-how’s potential to limit or block entry to web sites for particular individuals or total swathes of the inhabitants.
