The SVR, Russia’s main intelligence service, has deployed a system similar to the SecureDrop whistleblowing platform to allow Russians living abroad to safely send anonymous tips via the Tor network about national security threats.

“If you are outside Russia and have important information regarding urgent threats to the security of the Russian Federation, you can safely and anonymously share it with us via the virtual reception system (VRS) of the SVR over the TOR network,” the Russian Foreign Intelligence Service (SVR) says in a page on its official website, spotted by Russian news site CurrentTime.

The SVR’s new Tor site is located at:

svrgovru24yd42e6mmrnohzs37hb35yqeulvmvkc76e3drb75gs4qrid.onion

SVR-dark-web

The Tor site works similarly to SecureDrop, an open-source project that allows government organizations, NGOs, and news agencies to receive anonymous tips.

Users who want to send a tip to the SVR can register on the will receive a five-word keyphrase that they can use at a later date to access their tip and see responses from SVR agents.

SVR-dark-web-codes

The tips submissions process is identical to how the SecureDrop software also works—with the added difference that SecureDrop generates seven-word keyphrases instead of five. The instructions on how to use the platform are also eerily similar to the ones provided by the SecureDrop platform.

It is currently unclear if the SVR has developed its own SecureDrop clone for its whistleblowing platform or uses a lesser-known open-source project instead.

The agency has not made any formal announcement about its new Tor portal, which appears to have been silently added to its official website on December 30, 2020, Recorded Future’s Insikt Group told The Record today.

The CIA has a Tor site too, but not like this

However, the SVR is not the first intelligence agency to run a Tor website. The US Central Intelligence Agency (CIA) launched a Tor-hosted version of its official website in May 2019.

The difference is that the CIA’s Tor site —located at ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion —is just an identical version of its official site and does not allow regular Americans living in the US or abroad to notify the agency in a similarly secure manner as Russians can do with the SVR.

CIA-dark-web-site

Last week, on April 15, the Biden administration formally accused the SVR of orchestrating the 2020 SolarWinds supply chain attack through its cyber-espionage unit known as APT29 (Cozy Bear).

The SVR denied the accusations in a cryptic and somewhat hilarious response posted on its official website.


administrator

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.

Freelance writer