Vice Society hackers have made mediocrity a weapon – Hi-Tech – Kommersant

The hacker group Vice Society (“Society of Vice” or “Society of Sin”) has been hacking government systems around the world for the second year. Until recently, hackers managed to stay out of the spotlight of the security services. Largely due to the fact that all this time the group has been struggling to show that it does not pose any serious threat to the world. But that all changed when hackers broke into the system of the second largest school district in the United States.

Social security numbers, financial and tax information, health information for tens of thousands of American students. At the end of September, all this data was made publicly available. This is the summary of the Los Angeles Unified School District (LAUSD) hack, the second largest school district in the United States, serving more than 1,000 schools in the region and about 600,000 students.

LAUSD employees noticed the failure in the system at the beginning of September. And after a couple of weeks, the hackers themselves got in touch – a certain grouping of Vice Society (VS; “Society of Vice”). They said that if they did not receive a ransom, they would put 500 GB of data on school students on the network. The hackers did not receive the money and carried out their threat.

Cybersecurity experts consider VS to be a Russian, or at least a Russian-speaking hacker group. It has existed since the end of 2020, but began active and visible activity in June 2021.

In any case, this is the opinion of Microsoft analysts who presented their own detailed report about these hackers last week. The report, it must be said, is full of technical details and completely uninformative as far as the organization itself is concerned.

Which is natural. One of the most successful hacking organizations in the world today is only now being noticed by both law enforcement and the media. The reason is the way the Vice Society works. The organization tried its best to portray itself as a bunch of mediocrities, gray and boring, who certainly could not do any serious harm. Even the site of a hacker organization works for this.

Italian cybersecurity experts (Vice Society is quite active in Italy, where the National Banking Association, several hospitals and the Palermo Education Authority are on the list of victims) note that hackers are usually very careful about how their site looks. In Vice Society, because of the colors used (blue letters on a purple background), it looks repulsive, and it is almost impossible to read the texts published on it.

“I wonder if this is intentional or just a bad choice by the developers?” — asked question of the Italians.

The group does not invent cunning methods of hacking and does not use the very advanced developments of its “colleagues” in data theft, and if it adopts someone else’s experience, it prefers the time-tested classics.

“They are the perfect example of successful mediocrity in a world of extortion,” he is quoted as saying. Wired Claire Tills, a researcher at the cybersecurity company Tenable, who studied the behavior of VS. — There are top-level groups that develop their own zero-day vulnerabilities and act flawlessly and professionally. And there is the Vice Society, which trudges aside, inventing nothing new and stealing tools from other people. In doing so, they consistently launch attacks, get paid, and move on.”

According to another American cybersecurity company, SEKOIAmembers of the “Society of Vice” do not always even dare to steal the tools necessary for work, but meekly buy them on the Dark Net.

In addition, they carefully select targets that are not known to be the focus of law enforcement or the media. Over the past two years, they have targeted, for example, the Barlow Respiratory Hospital in California, Sidney and Lois Eskenazi Hospital in Indiana, a hospital center in Arles, France, and a dental company in Brazil. The group also attacked the Waikato District Health Board in New Zealand. That is, the group deliberately chose targets somewhere on the periphery, in the outback of countries.

“They don’t necessarily focus on big targets. Not everyone realizes how terrible and destructive these attacks are, because they are so regional that they do not necessarily fall into the information field of society, ”says Alan Liska, an analyst at Recorded Future.

The turning point in the history of the group was precisely the attack on the LAUSD servers. Literally after that, the FBI released warning about the revitalization of the Vice Society and its special love for the educational sector of the United States.

Now Vice Society is always mentioned when it comes to ransom hackers. The group is cited as an example when it comes to the most active and most dangerous organizations of this kind.

And experts are wondering what the September attack on Los Angeles was. Was it a deliberate move by the Vice Society, who finally decided to make themselves known loudly, or did they actually turn out to be gray mediocrity who could not even calculate how significant their next target was. Or maybe it was a test of their own strength before something even more significant.

Kirill Sarkhanyants