Cyber attack on Dozor-Teleport: who hacked a satellite operator and why
Thursday, June 29 online there were messages that the Dozor-Teleport satellite communications operator, which is part of the Amtel group, became the victim of a cyber attack. The company provides satellite Internet and telephony services for public and private clients.
One of the users, Twitter Doug Madory, informs that the Russian satellite operator “Dozor-Teleport” left the global routing table at about 5 am Moscow time. Of the five routes previously announced by AS41942, four have been withdrawn, and one has now been announced by Amtel-Communication (AS51764), the parent company of Dozor Teleport.
According to the Internet Outage Detection and Analysis (IODA) project by the Internet Intelligence Research Lab, Dozor network does not operate from 02:00 UTC.
The Dozor-Teleport website was hacked and replaced with a page with the PMC Wagner logo and a link to the Richard W telegram channel. Leaked company data was published on this channel. In addition, it was announced that the Dozor-Teleport satellites would cease to operate.
However, the version of Wagner’s participation most likely serves to cover up the actions of other parties who may be interested in provocation and could use the current situation in Russia as an excuse to attack one of the leading satellite communications operators in the country.
Earlier this week researchers found a strain of ransomware called Wagner that infects user devices and invites them to join PMCs.