
Protei Hacked: Data Stolen, Website Defaced

Summary

– Russian telecom company Protei was hacked, resulting in website defacement and theft of 182 gigabytes of data including years of emails.
– Protei develops surveillance and censorship technology like deep packet inspection systems for phone and internet providers across dozens of countries.
– The hacker’s identity and motives are unknown, but the defaced website referenced Protei’s sales of DPI/SORM lawful intercept systems.
– SORM is a Russian-developed lawful intercept system that allows governments to monitor calls, texts, and web browsing data of network customers.
– Protei’s technology has been used to restrict internet access for specific individuals or populations, as documented in a 2023 Citizen Lab report about Iranian telecom consultations.

A significant security breach has compromised Protei, a Russian-founded telecommunications firm known for supplying web surveillance and censorship technology to phone and internet providers worldwide. The company experienced a website defacement and a substantial data theft, with approximately 182 gigabytes of internal files extracted from its servers. This incident highlights ongoing cybersecurity vulnerabilities within the surveillance technology sector.

Originally established in Russia, Protei now operates its headquarters from Jordan. The company provides a range of services and products to dozens of countries, including Bahrain, Italy, Kazakhstan, Mexico, Pakistan, and numerous nations across central Africa. Its offerings extend beyond standard video conferencing and internet connectivity solutions to include deep packet inspection systems and other web-filtering equipment designed for monitoring and controlling online activities.

While the precise timing and method of the attack remain unclear, archived records confirm that Protei’s website was defaced on November 8. The site was returned to normal shortly afterward. During the intrusion, the hacker gained access to years of company emails and a vast collection of internal documents.

A copy of the stolen data was shared with DDoSecrets, a non-profit transparency organization dedicated to publishing leaked datasets in the public interest. This group frequently handles information originating from law enforcement, governmental bodies, and firms operating in the surveillance industry.

![Image: Screenshot of the defaced website]

Mohammad Jalal, the managing director of Protei’s Jordan branch, did not reply to requests for comment regarding the security incident.

The individual or group responsible for the hack has not been identified, and their motives remain unknown. However, the defaced website displayed a message stating, “another DPI/SORM provider bites the dust.” This appears to reference Protei’s role in supplying deep packet inspection (DPI) technology and other filtering systems compatible with SORM, a Russian-developed lawful interception framework.

SORM serves as the primary lawful intercept system throughout Russia and in other countries utilizing Russian telecommunications technology. Telecom providers install SORM-compliant equipment on their networks, enabling government agencies to access customer call records, text messages, and internet browsing data.

Deep-packet inspection technology allows telecommunications companies to analyze, identify, and filter internet traffic based on its origin, such as specific social media platforms or messaging applications, and to block access selectively. These systems are frequently deployed in regions with restricted freedoms of speech and expression, enabling both surveillance and censorship.

In a 2023 report, Citizen Lab disclosed that the Iranian telecommunications provider Ariantel had consulted with Protei regarding technology for logging internet traffic and blocking access to certain websites. Documents reviewed and published by Citizen Lab indicated that Protei promoted its systems’ capability to restrict or deny website access for targeted individuals or large segments of the population.

(Source: TechCrunch)
