A Habr user gained access to Russian Railways surveillance cameras, display boards and services. The company said there were no leaks


Many of the carrier's services ran with default passwords, the programmer found.

A cat on a surveillance camera that the programmer gained access to

A Habr user and creator of a Telegram channel about information security, who goes by the nickname LMonoceros, said that he got access to surveillance cameras at stations and in offices, as well as to many internal Russian Railways services.

LMonoceros decided to check how well the Russian Railways network is protected because he was displeased with the company's "dismissive" reaction to a post by another Habr user in November 2020. That user got access to the internal network of Russian Railways through the Wi-Fi on the Sapsan train. At the time, a Russian Railways representative denied the presence of vulnerabilities "which would affect the leakage of some critical data," and called the Habr user a "young naturalist" and "an attacker".

The author of the publication opened the nmap utility and ran a scan of an open IP network. With it, he discovered services with open ports. "The hypothesis is confirmed: the proxy may have entire unprotected networks," the programmer noted.

A number of Russian Railways services ran with default passwords, the Habr user said. He stated that he got access to:

  • network equipment;
  • at least 10 thousand outdoor surveillance cameras at train stations and in Russian Railways offices;
  • systems for managing the display boards on the platforms;
  • IP phones and FreePBX servers, which are needed for office telephony;
  • IPMI (Intelligent Platform Management Interface) servers, which allow their operation to be managed remotely;
  • a number of internal services, including those of the directorate of passenger facilities (a complex that includes platforms, canopies, pavilions, ticket offices, railway stations, fencing, and static and dynamic visual information);
  • building support monitoring systems;
  • air conditioning and ventilation control systems.

Directorate of passenger facilities. Source: screenshot by the Habr user

In his publication on Habr, LMonoceros described his view of the situation, noting, for example, the absence of firewalls (systems needed to improve data security), "a bunch of devices without protection" and the lack of control over outgoing traffic.

The author addressed Russian Railways deputy general director Evgeny Charkin, who until December 2020 held the position of Director for Information Technologies and had responded to another Habr user's publication about vulnerabilities in the company.

In response to a media request, Russian Railways said it had begun an internal investigation into the publication on Habr. The company briefly stated that no user data had leaked and that there is no security threat.

LMonoceros himself, in comments to Open Media, refused to disclose the details of how the networks were hacked. At the same time, he noted that "any qualified" person could repeat the procedure.
