The FSB has put several members of the hacker group “Humpty Dumpty” on the wanted list, also known as “Anonymous International”. The name of the project comes from the character of many classic English children's poems (English: Humpty Dumpty), who is a large humanoid egg with a tie. His image was also used Lewis Carroll in "Alice Through the Looking Glass".

According to the Investigative Department of the FSB of the Russian Federation, persons living in the territory of one of the Baltic countries and in Thailand have been put on the wanted list. All of them are suspected of committing a crime under Article 272 of the Criminal Code of the Russian Federation (Illegal access to computer information). According to investigators, these individuals were engaged in processing the stolen correspondence of government employees, and then posted it to the public on the Internet.

Earlier, FSB officers detained the creator of the Shaltai-Boltaya website. Vladimir Anikeev, better known by his pseudonym Lewis. After his arrest in October 2016, Anikeev began to cooperate with the investigation and gives detailed testimony, media reports.

What is known about the creator and activities of the Humpty Dumpty project?

Vladimir Anikeev was born in Makhachkala. In the 1990s, after moving to St. Petersburg, he worked in various media. Since 2001, after meeting a number of St. Petersburg PR people, he began to extract dirt on businessmen and officials. And then, depending on the situation, either this compromising evidence was transferred to the client-interested, or money was demanded from officials and businessmen for not distributing it in the media.

In 2002-2003, with the help of hackers, he began hacking the mail of representatives of government agencies and entrepreneurs, posted “compromising” articles in the media, organized stories on TV, etc. Later he went on new level— acquired professional equipment with which it was possible to create false WI-FI networks and false cells of mobile operators.

When there was a lot of information, it was decided to launch the “Humpty Dumpty” project, the participants of which took pseudonyms from the work “Alice in Wonderland” by Lewis Carroll.

The group first showed itself on December 31, 2013, when it published the text of its New Year's message. Russian President Vladimir Putin, and not the original version (recorded in advance at the walls of the Kremlin), but read by him from the Far East, where he arrived to help the victim of natural disaster to the local population.

In May 2014, the group posted a series of letters from various officials lobbying the interests of the Concord food plant, of which it is a co-owner. Evgeny Prigozhin, which, according to project activists, is engaged in “surveillance and organization of provocations against oppositionists and the media.”

In mid-July 2014 they were posted in open access emails from a gmail account supposedly belonging to Deputy Prime Minister of the Russian Federation Arkady Dvorkovich. Attached to these letters were files with information about the restructuring of Mechel and the “tax maneuver” in the oil industry.

On August 4, 2014, hackers hacked a Twitter account. Prime Minister of the Russian Federation Dmitry Medvedev.

At the end of October, the group published correspondence, one of the parties to which was allegedly Head of the Secretariat of First Deputy Prime Minister Igor Shuvalov Yuri Ghazaryan. The materials describe the situation in the Russian banking system, including in certain credit institutions.

In 2015, the group put up correspondence for sale press secretary of Prime Minister Dmitry Medvedev Natalia Timakova.

In 2016, hackers announced the hacking and theft of the contents of two mailboxes and WhatsApp correspondence of a TV presenter Dmitry Kiselyov.

In the summer of 2016, searches were carried out in structures associated with Shaltai-Boltai. As a result of inspections in October 2016, it was decided to lure Anikeev to St. Petersburg under the pretext of receiving a large sum for one job. However, instead of a suitcase with money, FSB operatives were waiting for him in the northern capital.

  • On December 11, 2013, around midnight, a post by the then unknown blogger “Shaltaya-Boltai” appeared on the RuNet - congratulations on the 20th anniversary of the Russian Constitution. This harmless recording served as a prologue to a series of hacks and hacker attacks, which are attributed to the group also known as the Anonymous International. 20 days later, on the night of December 30-31, “Humpty Dumpty” posted the text of the President’s New Year’s address, “Guarantor of Freedoms, Guardian of the Balance and Unshakable of the Fundamentals.” Putin repeated his congratulations word for word. This was the first leak organized by hackers.

    Lewis Carroll and parsing in “The Chocolate Girl”

    One of the alleged organizers of the group, Vladimir Anikeev, was born in Makhachkala, then moved to St. Petersburg, where he worked in the media. A source from the Rosbalt publication spoke about Anikeev: “Volodya did not know how to write articles at all. And I almost didn’t write them. But he was a born intelligence officer. He knew how to obtain the information needed for articles. To do this, he could drink with someone, have affairs with secretaries, bribe, etc. Gradually, he began to have a circle of sources and connections in various departments.” In 2001, after meeting St. Petersburg PR people, Anikeev began to do what he did best: he began to extract incriminating evidence on businessmen and officials, and then, depending on the situation, the incriminating evidence was transferred to the client, or officials and businessmen were asked for money for not disseminating information to the media .

    Soon after this, Anikeev acquired professional equipment with which it was possible to create false WI-FI networks and engage in network parsing - in other words, extract information from gadgets and websites. When the equipment is turned on, the phone and tablet the right person connected to the network via a channel controlled by Anikeev. This is how the hacker gained access to the content that was stored on the gadgets. According to Rosbalt’s interlocutors, Anikeev sat for hours in the favorite places of officials from the Presidential Administration of the Russian Federation: in the Kask restaurant and the Shokoladnitsa cafe in the Ilyinka area, in the Bosco-cafe in GUM.

    Anikeev sent all the data to his colleagues: Dumpty, Humpty, Alice, the Hatter and the March Hare - all members of the Anonymous International worked under the pseudonyms of Lewis Carroll's fairy tale. Anikeev himself called himself “Lewis”.

    At first they tried to sell incriminating evidence through personal connections, but this was dangerous, so it was decided to create their own website on the Wordpress blog platform, which was closed by Roskomnadzor shortly after the publication of the correspondence of Deputy Prime Minister Arkady Dvorkovich.

    Bitcoins and trolling Medvedev

    At first, Anonymous International posted information in the public domain for free, and then began selling it on the information exchange joker.buzz for bitcoins. For example, a data array general director from the News Media publishing house of Aram Gabrelyanov, which included personal and work correspondence, was purchased for 11 bitcoins - about $8,000 at the then exchange rate. The decision to switch to joker.buzz was made because "the time and resources are worth more than the exchange fees."

    — Shaltay Boltay (@b0ltai2) August 15, 2014

    A bag of money and custom publications. Examples of what the Anonymous International talked about

    Kristina Potupchik's money

    Kristina Potupchik is a former press secretary of the Nashi movement. Her photo was published by Humpty Dumpty in December 2014.

    “It is not known exactly how much was in the bag, but she received both five lyams and ten lyams. Just this time we decided to take a photo for reporting purposes. The loot was given to Potupchik for his current needs. She constantly works for the Presidential Administration [Presidential Administration]. Working in the blogosphere, paying bloggers, commentators, organizing promotions,” Anonymous International explained to The Insider.

    In addition to the photo with the money, Anonymous International published Potupchik’s correspondence. The Insider wrote about this: “One of Potupchik’s key tasks, judging by the correspondence, is monitoring information environment and identifying criticism of authorities. Based on the results of her observations, Potupchik wrote reports, reporting in which media the authorities were criticized especially often. On February 25, Potupchik writes a report entitled “The Role of the Rambler-Afisha-SUP Holding in Provoking Opposition Sentiments in Russian society" The report begins with the following introduction (author's spelling): “Publications included in the Rambler-Afisha-SUP holding systematically engage in propaganda of opposition views, projects, leaders, and some quite successfully create a trend to ridicule state policy. Among the holding’s publications, special mention should be made of the Lenta.ru magazine and its activities in social networks, Afisha, Gazeta.ru, as well as the news aggregator on Rambler.ru.” A month later, it became known about Galina Timchenko’s resignation from the post of editor-in-chief of Lenta. And on May 28, Potupchik wrote a document “Review of the critical information policy regarding the government of the publication Afisha.” A month later, Afisha changed its editor-in-chief.


Vladimir Anikeev, the alleged leader of Shaltai-Boltai. Photos from personal page In contact with

How quickly everything changed! Until recently, the abbreviation “organized criminal group” terrified entire cities. Remember? Orekhovskaya, Solntsevskaya, Tambovskaya... Racketeering, extortion, bloody showdowns, then it was enough to turn on the TV in the morning to look at the victims of killers and the consequences of criminal showdowns.

Today it is difficult to imagine such pictures; all this remained in the 90s. But crime has not disappeared. Everything just moved from the streets to the offices of officials. And modern bandits firearms prefer computers.

History books will later write that the history of organized crime groups of the 21st century began with the arrest of the Humpty Dumpty group! For several years they terrorized the country's leaders and top managers large companies, extorting millions of dollars from them. And no one understood what to do with them, because anyone with a smartphone could become a victim of the new bandits. I’m sure that soon someone will make a movie about Humpty. In the meantime I've collected a short history, if you suddenly don’t understand what we’re talking about...

WHERE DID IT ALL START?

In December, Sergei Mikhailov (deputy head of the Center) was detained in the case of treason information security FSB), Dmitry Dokuchaev (former hacker, and then employee of the FSB Information Security Center) and Ruslan Stoyanov (head of the computer incident investigation department at Kaspersky Lab).

SO WHAT?

It turned out that Mikhailov oversaw the activities of the hacker group “Humpty Dumpty”, and Dokuchaev was the direct perpetrator of hacks and leaks! It is not yet very clear what Stoyanov is suspected of, but he is a secondary person in this story.

WHAT IS Humpty Dumpty?

You've probably heard about Humpty Dumpty, even if you don't remember it. This is a hacker group that is actually called Anonymous International. And “Humpty Dumpty” is such a “press service”, on behalf of which all the leaks were published. Therefore, between these two names everyone puts an equal sign.

"Humpty Dumpty" was engaged in hacking mobile devices officials and businessmen, and then leaked archives of their correspondence online. At first he did it for free, but then the group members decided not to miss the opportunity to earn money. They contacted the owner of the correspondence and offered him to buy it back. If he refused, then the correspondence was put up on an information exchange, where anyone could buy it for bitcoins. “Humpty Dumpty” earned more than two million dollars on the stock exchange alone.

Here is a brief summary of their loudest leaks:

December 2013 Leaking the text of Vladimir Putin's New Year's address. IN New Year's Eve Putin repeated it word for word.

March 2014 Leaking recommendations from the Presidential Administration on how to properly cover the topic of Crimea on federal channels.

August 2014 Hacking of Dmitry Medvedev's email and Twitter. “Humpty Dumpty” did it for fun: “they just decided to troll.” Then the famous posts “I am resigning” appeared on Twitter. I'm ashamed of the government's actions. Sorry" and "I've been wanting to say this for a long time. Wow! You're wrong!".

December 2014 Publication of a photograph of Kristina Potupchik (former press secretary of the Nashi movement) with a bag full of money. In addition to this, her correspondence was published. From the correspondence it was clear that Potupchik wrote reports to officials about which media too often scold the authorities.

December 2014 Leaked correspondence of Timur Prokopenko (Deputy Head of the Presidential Administration for domestic policy). From the correspondence it became clear that Prokopenko was responsible for posting ordered articles against Alexei Navalny. Anastasia Kashevarova (assistant to the general director of the News Media publishing house Aram Gabrelyanov) helped him in this.

April 2015 Breaking Email Alexandra Zharov (head of Roskomnadzor). In particular, Zharov corresponded with Mikhail Demin (former general director of Echo of Moscow). Zharov coordinated materials and discussed the work of the radio station.

July 2015 Publication of screenshots of letters from Ksenia Bolshakova (former assistant to the head of the Construction Department of the Ministry of Defense), in which she discussed the publication of jeans in Kommersant, “ Rossiyskaya newspaper", "Vedomosti" and other newspapers.

September 2015 Publication of official documents and correspondence of officials of the self-proclaimed DPR. They contain information about corruption schemes, torture, kidnappings, murders and raider takeovers.

April 2016 Dmitry Kiselev's correspondence leaked. From it it became known that Kiselev bought himself an apartment for 162 million rubles and a boat for 49 thousand dollars. Letters were also found in which Kiselev agreed on how various events should be covered in television programs.

August 2016 Hacking of Aram Gabrelyanov's mail and correspondence. Many details from his personal and working life became known. Gabrelyanov was offered to buy back his correspondence, but he refused. As a result, it was published in parts, to the delight of the media manager’s many haters. In general, the situation did not greatly damage the image of Aram Ashotych, since it could not get worse.

October 2016 Hacking of the mail of presidential aide Vladislav Surkov. It contained the “Plan of priority measures to destabilize the situation in Ukraine “Shatun”” and a list of candidates for the government of the self-proclaimed DPR. (This leak was published on the website of the Ukrainian hacker group CyberJunta, but many still attribute it to Humpty)

AND HUMPTY DAMPTY HAD A LOT OF HACKERS?

It is known that there were a little more than ten people in “Humpty Dumpty”. The founder of Humpty Dumpty, nicknamed Lewis, stated this in an anonymous interview with Meduza. Rosbalt published information about six of them.

Lewis (Vladimir Anikeev) - former journalist and a specialist in black PR. For a long time He was engaged in extracting incriminating evidence on businessmen and officials upon request. After creating Humpty Dumpty, he acquired professional equipment and began hacking smartphones and tablets of officials from the Presidential Administration. He sent the information he obtained to other members of the group.

Dumpty- a major St. Petersburg PR specialist. He communicated with hacked officials, businessmen and security officials and offered them to buy back the correspondence before they were leaked online. Thus he decided what would be published and what would not. It was he who received money for posting or not posting other people's correspondence.

Humpty- an IT specialist from St. Petersburg who moved to live in Estonia. He sorted through the content Lewis sent and chose what he could get money for. At the direction of Dumpty and Lewis, he posted leaked correspondence and documents on the Internet.

The Hatter and the March Hare- ordinary participants of “Humpty Dumpty”, in life they are IT specialists. Performed technical work, kept bookkeeping for the resource, processed content. Both moved to live in Thailand.

Alice- a girl from Ukraine, Lewis's friend. She carried out various assignments and did field work, visiting the same cafes where employees of the Presidential Administration gathered.

And judging by information from anonymous sources, all these guys were supervised by an FSB officer, namely the deputy head of the FSB Information Security Center, Sergei Mikhailov.

OKAY, WAS ANYONE ELSE DETAINED?

Lewis (Vladimir Anikeev) was detained in November 2016 - a month before Mikhailov’s arrest. According to Rosbalt, he actively cooperated with the investigation and mentioned Mikhailov more than once in his testimony. It is also known that at the same time as Lewis, Alexander Filinov and Konstantin Teplyakov were detained in the same case. It is not yet clear who they were in Humpty Dumpty. The FSB has put several more members of Shaltai-Boltai on the wanted list.

THIS IS ALL?

Almost. A few days ago it became known that Mikhailov and Dokuchaev not only participated in the work of a hacker group, but also collaborated with the CIA! Interfax, citing its source, reported that “the topics of hacker attacks and betrayal seem to overlap each other in the case, but do not intersect.”

TOTAL:

FSB employees Sergei Mikhailov and Dmitry Dokuchaev and Kaspersky Lab employee Ruslan Stoyanov were charged under Article 275 of the Criminal Code of the Russian Federation “High treason”.

Humpty Dumpty participants Vladimir Anikeev, Alexander Filinov and Konstantin Teplyakov were charged under Part 3 of Article 272 of the Criminal Code of the Russian Federation “Illegal access to legally protected computer information.”

  • On December 11, 2013, around midnight, a post by the then unknown blogger “Shaltaya-Boltai” appeared on the RuNet - congratulations on the 20th anniversary of the Russian Constitution. This innocuous post served as a prologue to a series of hacks and hacking attacks attributed to the group also known as Anonymous International. 20 days later, on the night of December 30-31, “Humpty Dumpty” posted the text of the President’s New Year’s address, “Guarantor of Freedoms, Guardian of the Balance and Unshakable of the Fundamentals.” Putin repeated his congratulations word for word. This was the first leak organized by hackers.

    Lewis Carroll and parsing in “The Chocolate Girl”

    One of the alleged organizers of the group, Vladimir Anikeev, was born in Makhachkala, then moved to St. Petersburg, where he worked in the media. A source from the Rosbalt publication spoke about Anikeev: “Volodya did not know how to write articles at all. And I almost didn’t write them. But he was a born intelligence officer. He knew how to obtain the information needed for articles. To do this, he could drink with someone, have affairs with secretaries, bribe, etc. Gradually, he began to have a circle of sources and connections in various departments.” In 2001, after meeting St. Petersburg PR people, Anikeev began to do what he did best: he began to extract incriminating evidence on businessmen and officials, and then, depending on the situation, the incriminating evidence was transferred to the client, or officials and businessmen were asked for money for not disseminating information to the media .

    Soon after this, Anikeev acquired professional equipment with which it was possible to create false WI-FI networks and engage in network parsing - in other words, extract information from gadgets and websites. When the equipment was turned on, the phone and tablet of the desired person were connected to the network via a channel controlled by Anikeev. This is how the hacker gained access to the content that was stored on the gadgets. According to Rosbalt’s interlocutors, Anikeev sat for hours in the favorite places of officials from the Presidential Administration of the Russian Federation: in the Kask restaurant and the Shokoladnitsa cafe in the Ilyinka area, in the Bosco-cafe in GUM.

    Anikeev sent all the data to his colleagues: Dumpty, Humpty, Alice, the Hatter and the March Hare - all members of the Anonymous International worked under the pseudonyms of Lewis Carroll's fairy tale. Anikeev himself called himself “Lewis”.

    At first they tried to sell incriminating evidence through personal connections, but this was dangerous, so it was decided to create their own website on the Wordpress blog platform, which was closed by Roskomnadzor shortly after the publication of the correspondence of Deputy Prime Minister Arkady Dvorkovich.

    Bitcoins and trolling Medvedev

    At first, Anonymous International posted information in the public domain for free, and then began selling it on the information exchange joker.buzz for bitcoins. For example, the data set of the CEO of the News Media publishing house Aram Gabrelyanov, which included personal and work correspondence, was purchased for 11 bitcoins - about $8,000 at the then exchange rate. The decision to switch to joker.buzz was made because "the time and resources are worth more than the exchange fees."

    — Shaltay Boltay (@b0ltai2) August 15, 2014

    A bag of money and custom publications. Examples of what the Anonymous International talked about

    Kristina Potupchik's money

    Kristina Potupchik is a former press secretary of the Nashi movement. Her photo was published by Humpty Dumpty in December 2014.

    “It is not known exactly how much was in the bag, but she received both five lyams and ten lyams. Just this time we decided to take a photo for reporting purposes. The loot was given to Potupchik for his current needs. She constantly works for the Presidential Administration [Presidential Administration]. Working in the blogosphere, paying bloggers, commentators, organizing promotions,” Anonymous International explained to The Insider.

    In addition to the photo with the money, Anonymous International published Potupchik’s correspondence. The Insider wrote about this: “One of Potupchik’s key tasks, judging by the correspondence, is monitoring the information environment and identifying criticism of the authorities. Based on the results of her observations, Potupchik wrote reports, reporting in which media the authorities were criticized especially often. On February 25, Potupchik writes a report entitled “The role of the Rambler-Afisha-SUP holding in provoking opposition sentiments in Russian society.” The report begins with the following introduction (author's spelling): “Publications included in the Rambler-Afisha-SUP holding systematically engage in propaganda of opposition views, projects, leaders, and some quite successfully create a trend to ridicule state policy. Among the holding’s publications, special mention should be made of the Lenta.ru magazine and its activities in social networks, Afisha, Gazeta.ru, as well as the news aggregator on Rambler.ru.” A month later, it became known about Galina Timchenko’s resignation from the post of editor-in-chief of Lenta. And on May 28, Potupchik wrote a document “Review of the critical information policy regarding the government of the publication Afisha.” A month later, Afisha changed its editor-in-chief.