news

The FSB has caught the alleged head of “Humpty Dumpty” What does this have to do with treason?

12:09, 31 january 2017

Lefertovo detention center

Photo: Petr Vassiliev / PhotoXPress

It is Vladimir Anikeev’s third month in the Lefertovo detention center. According to Rosbalt, Anikeev is the founder of a group of hackers called Shaltai Boltai, which translates into English as Humpty Dumpty. The agency says that it is thanks to Anikeev’s testimony that two FSB employees have been arrested for treason. What exactly treason means in this context and that exactly Anikeev knows remain unclear. Meduza reports the details of this story.

Who is Shaltai Boltai?

The hacker group Anonymous International, also known as Shaltai Boltai, first became famous in 2013 when, just a few hours before Vladimir Putin’s New Year address to the country, they published the text of the president’s speech.

Later, the hackers published the correspondence of Prime Minister Dmitry Medvedev, the secretariat of Deputy Prime Minister Igor Shuvalov, Deputy Prime Minister Arkady Dvorkovich, head of Roskomnadzor (Russia’s Internet watchdog) Alexander Zharov, and other officials. Often, Anonymous International would only a few letters and put up the rest up for sale for several thousands of dollars.

In 2013, the hackers posted a fake message about the dismissal of Vladimir Yakunin from his post as head of Russian Railways. In 2014, the hacker group claimed responsibility for breaking into the Twitter of Dmitry Medvedev and reporting his resignation.

Shaltai Boltai always signs off its publications with the phrase “Always with you, even when you don’t suspect it.”

There is no information on how many people are involved in Anonymous International or who is at its head. Its representatives talk to reporters anonymously.

According to Rosbalt, the Vladimir Anikeev (alias Lewis) is the head of Shaltai Boltai. Previously, Anikeev worked as a journalist and has been “well-received in the presidential administration.” In the early 2000s, Anikeev used to hacked the e-mail accounts of Russian officials and receive remuneration in exchange for keeping the materials unpublished. According to Rosbalt, Anikeev spent his days sitting in cafes frequented by Russian officials and access these officials’ electronic devices with the help of fake Wi-Fi networks. Subsequently, he would deliver the hacked information to accomplices in Estonia and Thailand, according to Rosbalt.

Lewis’s Arrest

According to Rosbalt’s sources, the FSB was able to identify several of the group’s members in the summer of 2016. According to the publication, then deputy head of the Federal Security Service Information Security Center (CDC) Sergei Mikhailov met with someone from Shaltai Boltai. After that, Rosbalt claims, hackers came under control of the FSB and published materials as directed by its new supervisors.

In autumn 2016, the Federal Security Service learned that Shaltai Boltai was in possession of the correspondence of presidential aide Vladislav Surkov and intended to publish it. In October, FSB agents lured Anikeev to St. Petersburg and arrested him there. According to publication Life, Anikeev was detained on the border of Belarus and Russia, where he was traveling by car. It is unclear whether Sergei Mikhailov, who was mention in the Rosbalt report, had participated in the operation.

Anikeev has been accused of hacking. He is being held in the Lefortovo detention center.

A case on treason

In December 2016, two FSB officers were detained on charges of treason. They were Sergei Mikhailov and his subordinate Dmitry Dokuchaev, who, according to Rosbalt, led the investigation into Shaltai Boltai. The third person to be arrested was head of the computer incidents investigation team at Kaspersky Lab Ruslan Stoyanov. According to Rosbalt, it was Anikeev who informed on these individuals. What exactly Anikeev told the investigative team is unclear.

As reported in Novaya Gazeta, the investigative team believes that the FSB gave US intelligence agencies information on the IP-addresses of devices involved in the hacker attacks against databases for election systems in Illinois and Arizona. What Shaltai Boltai has to do with this remains unclear. Anonymous International never claimed to have intervened in the United States elections, nor was any such information reported by the media.

Mikhailov and Stoyanov were already under suspicion for leaking information to companies specializing in security intelligence. The former head of payments services at Chronopay Pavel Vrublevski, who was imprisoned for attacking on the Aeroflot website, wrote to a colleague in 2010 that Mihaylov and Stoyanov were responsible for the transfer of documents seized from his company during the investigation. This letter is found by security specialist Brian Krebs, who is in possession of Vrublevski’s correspondence. According to Vrublevski, Mikhailov passed information about Russian hackers to the West. Later, US intelligence agencies would allegedly turn to Mikhailov themselves. The deputy would catch criminals and be promoted.

In September 2016, researchers from companies ThreatConnect published a report about the break-ins in the US election systems. It spoke of the servers that were used for hacking. They belong to Vladimir Fomenko, an acquaintance of Pavel Vrublevski. In 2011, in an interview with Brian Krebs, Vrublevski said that if he can prove that Mikhailov was responsible for the leak, FSB officers would find someone to “drill another hole into them”. Now Vrublevski declines to comment.

What this story has to do with Shaltai Boltai is also unknown. The organization continues to refuse to communicate with journalists directly.