Risky Bulletin Between Two Nerds: How Russia's sabotage team got into hacking
Jun 9, 2025
Delve into the shadowy world of Unit 29155, Russia's military hacking squad. Discover how open-source intelligence uncovers their operations and the complexities of blending traditional espionage with modern cyber tactics. Learn about a false flag hacking operation and the unique communication methods these hackers employ. Explore the dynamics of smaller, autonomous hacking groups versus larger ones, and the ethical dilemmas faced within these chaotic networks. It's a thrilling journey through contemporary cyber warfare and intelligence.
AI Snips
Chapters
Transcript
Episode notes
Unit 29155's Unusual Cyber Origins
- Unit 29155 combined sabotage and hacking but lacked typical hacker culture and opsec practices.
- Their hacking roots came from recruited cybercriminals, not traditional intelligence operatives.
Lax Tradecraft Reveals Operations
- The unit used poor operational security methods like sending operational reports via VK and leaving logs undeleted.
- Their lax tradecraft was a significant source of intelligence for investigators.
Tim Stiegel's Hack and Leak
- Hacker Tim Stiegel was a cybercriminal recruited into Unit 29155 who led several hack and leak operations.
- One notable false flag leaked 1.5 GB from Qatar's state bank exposing dealings of the Qatari royal family.