Cyber Incident Victim: Rossgram

In early April 2022, Anonymous-affiliated hacking groups intensified operations against Russian entities amid heightened geopolitical tensions. On April 7, 2022, Anonymous publicly claimed responsibility for breaching multiple Russian private businesses and leaking their confidential data through the DDoSecrets transparency platform. Among these operations, the subgroup "The Black Rabbit World" (@Thblckrbbtworld) asserted they had compromised the Kremlin's CCTV surveillance systems, announcing via social media: "We won’t stop until we reveal all of your secrets... Now we’re inside the castle, Kremlin." This intrusion represented a symbolic penetration of Russia’s central administrative complex, though specific technical details of the breach were not disclosed. The collective framed these actions as part of an ongoing campaign to expose Russian institutional secrets, aligning with their broader hacktivist objectives during the conflict period.

Concurrently, Ukraine’s volunteer IT ARMY executed a separate operation targeting Rossgram, a Russian-developed alternative to Instagram launched after Meta’s platforms faced restrictions in Russia. The IT ARMY successfully compromised Rossgram’s infrastructure, though the exact method of intrusion remained unspecified in available reports. Following the breach, the group developed and distributed a counterfeit Rossgram application, likely intended to facilitate further exploitation or misinformation campaigns against Russian users. This incident disrupted Russia’s efforts to establish domestic social media alternatives while demonstrating the IT ARMY’s capacity to undermine newly deployed digital services. The operation formed part of a coordinated effort between decentralized hacktivist networks to apply pressure on Russian economic and technological assets through both data exfiltration and service disruption tactics.