A group of cybercriminals calling themselves Pravyy Sector are threatening the Polish Ministry of Defence on Twitter, demanding $50,000 to be paid to a Ukrainian bank account or a bitcoin address.

The hackers claim to have stolen data from the Defence Ministry and promise to put it online if their demands are not met. Earlier, they leaked some of the files on Twitter, including scans of official documents, screenshots of the desktop of a Defence Ministry computer, and an Excel file admittedly containing local Intranet logs. Later, according to Softpedia, they added some information supposedly proving Poland’s participation in the US PRISM, a clandestine surveillance program. This information has been deleted afterwards.

Polish security firm Niebezpecznik investigating the validity of hackers’ claims confirmed that at least a portion of the leaked documents is authentic. As for the PRISM data, the experts claimed it “looked false.” According to Gazeta Wyborcza, a representative of the Defence Ministry neither denied nor confirmed being hacked.

Yesterday, the hackers wrote on their Twitter feed:

This last warning and if the Polish Gov. dnt pay us $50k we will publish all the logs in public within few hours — Pravyy Sector (@pravsector) 14 июля 2016 г.

They gave the government two payment options, at first providing details of a Ukrainian bank account in Privatbank and then adding “but better pay in Bitcoin” with a bitcoin address provided.

The hackers call themselves “Pravyy Sector” (Right Sector), the name used by a Ukrainian extreme nationalist group. However, Gazeta Wyborcza emphasises that there is no proof they are really Ukrainians. They might as well be Russians posing as Ukrainians in order to play on Polish-Ukrainian controversies.

Ukrainians or Russians they may be, their Twitter ассount has been created quite recently and is different from the official Twitter of the extremist organisation. Before attacking Polish Ministry of Defence, “Pravyy Sector” hackers have also breached the servers of Poland’s second largest telecom company Netia, stealing and putting online personal data of its users and clients.

It is not the first time for a hacker attack to be linked with the Pravyy Sector. For instance, the organisation was earlier told to be behind the hack of the Twitter account of the National Security Service of Ukraine but the leadership of Pravyy Sector deсlined any responsibility for that attack.

Alexey Tereshchenko