0v1ru$

Primary URL: Undetermined
Location: Russia
Industry: Government - National
Profile

The organisation known by the alias 0v1ru$ is identified as a hacking group. It came to public attention following a cyber intrusion on July 13, 2019. The target of that intrusion was SyTech, a contractor working for Russia's primary security agency. SyTech provides technical services and support to the agency's intelligence operations. The breach was carried out by the group using unspecified methods that resulted in unauthorized access to SyTech's internal networks.

The attackers exfiltrated data relating to multiple sensitive projects undertaken by SyTech. Among those projects were efforts to develop social media scraping tools aimed at platforms such as Facebook and LinkedIn. Another project focused on techniques to de-anonymize users of the Tor anonymity network. A third initiative involved preparatory work for a sovereign Russian internet infrastructure. The stolen data also included internal documentation such as project codenames and managerial roles.

The exfiltrated information was subsequently shared with the broader hacking collective known as Digital Revolution. Members of Digital Revolution further disseminated the data to various media outlets for public reporting. Analyses of the leaked material indicated that it did not contain classified state secrets. The incident was described by observers as potentially the largest breach in the history of the Russian security agency. The breach highlighted weaknesses in intelligence supply chains that rely on third‑party contractors, and the attackers defaced SyTech's website while mocking the agency's security posture.

Incidents
1 incident