Hacktivist groups have come together under the #FreeDurov initiative to execute a large-scale cyber campaign against France. This response follows the arrest of Pavel Durov, CEO of the renowned messaging platform Telegram, and involves coordinated DDoS attacks against over 50 French entities.
Pavel Durov’s detainment by French authorities has sparked a wave of cyber operations led by various hacktivist factions, predominantly those linked to pro-Russian and pro-Islamic sentiments. In a show of force, these groups are conducting distributed denial-of-service (DDoS) attacks on numerous French organizations, advocating for Durov’s immediate release.
The campaign, referred to as #FreeDurov or #OpDurov, features several notable hacktivist collectives, including the Cyber Army of Russia Reborn (CARR), RipperSec, EvilWeb, CyberDragon, UserSec, and STUCX Team. These groups have amalgamated their resources to target French websites, impacting a broad spectrum of sectors, including government services, healthcare, transportation, and educational institutions.
Notably, CARR, a pro-Russian collective with connections to Russian military intelligence, has played a significant role in this campaign. With a Telegram entourage exceeding 62,000 members, CARR has set its sights on high-profile institutions, including the Council of Europe and the French National Center for Scientific Research.
RipperSec, a Malaysian-based group, has also participated by deploying its custom-built DDoS tool MegaMedusa against French sites. This group has publicly taken responsibility for attacks targeting critical governmental websites, such as the French Ministry of Justice and the National Police.
In addition, other participants like EvilWeb and CyberDragon have engaged in both DDoS operations and hacking attempts, successfully infiltrating French systems. Reports indicate they have shared the sensitive data they’ve obtained through these hacks within their Telegram groups, demonstrating the proactive nature of their digital crusade.
The motivations propelling this campaign vary significantly among the involved factions. While certain groups rally around Durov and his application, others prioritize the operational integrity of Telegram itself. Research conducted by Check Point has revealed that some pro-Russian participants view Durov as an ally and engage in what they consider patriotic hacking initiatives.
Although the frequency of attacks has subsided following Durov’s release from police custody, the potential for renewed escalation exists should France impose sanctions on the tech entrepreneur due to issues concerning Telegram’s content moderation. This situation highlights the complex interplay between state actions and hacktivist responses in the ongoing digital battleground.
