Streetwise Professor

January 18, 2014

One Potato, Two Potato: More Russian Connections to the Target Hack-including a silent dog

Filed under: Russia — The Professor @ 9:24 pm

Based on information that is coming out today–including some interesting comments by Anders and aaa here on SWP–should be eliminating any doubts you might have (e.g., commenter Brett) regarding the source of the hack attacks on US retailers.  All roads lead back to Russia.  The only real question is the role of the government.

First, aaa pointed out that the attacks were traced back to the hacker “Hell”, who is believed to be Russian, and who was involved in hacking Navalny.  Then Anders weighed in, including a very interesting link arguing that “Hell” is not an individual, but instead a collective (a “drain tank”) of FSB officers working for its Center of Informational Security–its cyberwarfare unit (also known as vch) 64829 which was implicated in a hack of Facebook this summer.

But there’s more: Target data was moved to a server in Russia.

And there’s more: the creator of the malware used in the hack has been identified as a Russian teen.  He is not suspected in the hack, but he did allegedly sell the malware to several “eastern European” crime syndicates.  Is it too much of a stretch to think that a well-known hacker in Russia is known to the FSB and has to share his goodies with them as well?

And oh.  The name of the software is the Russian word for “potato.” (It also means “code stream” in geek speak.)

Given the fact that Russia is notoriously the vortex of criminal hacking (2 Russian hackers are on the FBI 10 Most Wanted List, bringing the total number of Russians on the list to 4: quite an achievement), there is a strong circumstantial case that this is a Russian operation.  It is also plausible that there is state involvement, and it is almost incomprehensible that this could happen without state knowledge.

One other fact supports that conclusion.  The dog that hasn’t barked: Eugene Kaspersky.  Kaspersky brags at his virtuosity at uncovering malware.  He was a press whore on Stuxnet.  But he has been conspicuously silent on this hack.  Funny, that.  He is quite the braggart when it comes to uncovering allegedly US government malware, but the cats get his tongue when it comes to Russian-origin malware unleashed on American retailers just in time for Christmas.

Kaspersky would have every incentive to grandstand and reveal his forensics.  Indeed, to saying nothing, and to let an American firm get all the credit for uncovering this, raises questions about whether his vaunted  operation is really as good as he claims.  Silence would seem to be against his commercial interest.

But maybe not.  For Kaspersky’s firm exists at the sufferance of the FSB and the Kremlin.  Kaspersky’s silence is all the more revealing in light of that fact.

Print Friendly, PDF & Email


  1. You really hate any successful Russian, don’t you? What has Karpersky got to do with any of this? Guilty by not barking? Oh, the insanity!

    Comment by Mona — January 22, 2014 @ 3:37 am

  2. @Mona. Yeah. That’s it.

    Um, I didn’t say he was guilty of anything. The point-which is pretty obvious-is that Kaspersky cannot blow the whistle on anything connected to the FSB or the Russian state. Duh. Meaning that his silence on the origin of malware, or the identity of those using it, is informative. That is, his very uncharacteristic silence about major malware/hacking tells you who the guilty are likely to be.

    The ProfessorComment by The Professor — January 22, 2014 @ 9:20 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

Powered by WordPress