Cyber Incident Victim: volozhin.gov.by
Date: Mar 2022
Location: Belarus
Summary
Anonymous conducted cyber operations targeting entities associated with Russian oligarchs and Belarusian government infrastructure, compromising a Belarusian municipal website related to Volozhin's economy. The hacktivist group also breached a sanctioned Russian investment firm, exfiltrating and publicly releasing tens of thousands of internal emails through a transparency platform. These coordinated actions formed part of broader digital campaigns against organizations perceived as supporting Russian geopolitical interests during regional tensions.
Description
On or around March 31, 2022, the hacktivist collective Anonymous claimed responsibility for compromising a Belarusian government website associated with the Economy of Volozhin, a city in the Minsk region. This incident formed part of a broader campaign targeting entities linked to the Russian government and its allies amid geopolitical tensions. Anonymous simultaneously announced the breach of Marathon Group, a Russian investment firm owned by sanctioned oligarch Alexander Vinokurov, who is the son-in-law of Russian Foreign Minister Lavrov. The collective exfiltrated 62,000 emails (a 52GB data archive) from Marathon Group and published the dataset via the transparency platform Distributed Denial of Secrets (DDoSecrets). While technical specifics of the volozhin.gov.by compromise were not disclosed in available reports, the operation demonstrated coordinated targeting of both private Russian businesses and Belarusian public sector assets. The timing coincided with Anonymous’s stated objective of disrupting organizations affiliated with the Russian government and its supporters following the invasion of Ukraine.

The breach of volozhin.gov.by represented an expansion of Anonymous’s operations into Belarusian governmental infrastructure, though the precise scope and nature of accessed data remained unspecified. No data leaks from the Belarusian domain were publicly confirmed in the immediate aftermath, contrasting with the Marathon Group incident where email archives were rapidly disseminated. The incident occurred against a backdrop of sustained cyber campaigns against Belarusian state targets, which Anonymous framed as retaliation for the country’s political alignment with Russia. Impacts on Volozhin’s local economic operations or municipal services were not detailed in available sources. Similarly, no containment measures, forensic findings, or official responses from Belarusian authorities were documented in the referenced reporting. The operation highlighted the collective’s continued focus on symbolic targets associated with Russian geopolitical interests, though technical execution and consequences varied between the concurrently announced breaches.
