Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
A Russian telecommunications company developing technology to allow phone and Internet companies to conduct web surveillance and censorship has been hacked, had its website defaced, and data stolen from its servers, TechCrunch has learned.
Founded in Russia, Protei manufactures communications systems for telephone and Internet providers in dozens of countries, including Bahrain, Italy, Kazakhstan, Mexico, Pakistan and much of central Africa. The company, now headquartered in Jordan, sells video conferencing technology and Internet connectivity solutions, as well as surveillance equipment and web filtering products, such as deep packet inspection systems.
It’s not clear exactly when or how Protei was hacked, but a A copy of the company’s website The location on the Internet Archive’s Wayback Machine shows that it was defaced on November 8. The site was restored shortly after.
During the hack, the hacker obtained the contents of Protei’s web server — about 182GB of files — including emails dating back years.
A copy of the Protei data has been provided to DDoSecretsa non-profit transparency group that catalogs leaked data sets in the public interest, including data from law enforcement, government agencies, and companies involved in the surveillance industry.
Muhammad Jalal, managing director of the Proti branch in Jordan, did not respond to a request for comment on the hack.
Neither the hacker’s identity nor his motives are known, but the defaced website says: “Another DPI/SORM provider still alive.” The letter likely refers to the company’s sales of deep packet inspection systems and other Internet filtering technologies to the lawful interception system developed by Russia. Known as SORM.
SORM is the main legal interception system used throughout Russia as well Several other countries Which uses Russian technology. Telephone and Internet providers install SORM equipment on their networks, allowing their country’s governments to obtain the contents of the networks’ customers’ calls, text messages, and web browsing data.
Deep packet inspection devices allow carriers to identify and filter web traffic based on its source, such as a specific social media website or messaging application, and selectively block access. These systems are used for surveillance and censorship in areas where freedom of speech and expression is limited.
Citizen Lab Reported in 2023 Iranian telecommunications giant Ariantel has consulted with Protei about technology to log Internet traffic and block access to certain websites. Documents seen and published by Citizen Lab show that Protei touted the ability of its technology to restrict or block access to websites for specific people or entire populations.