{ "id": "f9c2880b-3c79-4384-b7a5-15e34b3c2489", "created_at": "2026-04-06T00:21:24.152817Z", "updated_at": "2026-04-10T03:30:33.012655Z", "deleted_at": null, "sha1_hash": "7e945d3554442d8ee69fc968ceba533748d7df26", "title": "Belarusian hacktivists сlaim to breach country’s leading state university", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 90058, "plain_text": "Belarusian hacktivists сlaim to breach country’s leading state\r\nuniversity\r\nBy Daryna Antoniuk\r\nPublished: 2023-07-05 · Archived: 2026-04-05 14:08:36 UTC\r\nThe Belarusian hacker group known as the Cyber Partisans is claiming an attack on the country’s largest state-owned university.\r\nThe Belarusian State University (BSU) is located in the capital city of Minsk and has over 44,800 students. The\r\nCyber Partisans said they have been trying to access its systems for over two months and finally succeeded this\r\nweek.\r\n“It took us time to infiltrate the network and gain a foothold there,” the hackers said. “Our goal was to cause\r\nmaximum damage so that BSU could not recover for a long time.”\r\n☄️ CYBERATTACK ON BELARUSIAN STATE UNIVERSITY\r\n¼ We started working on this attack 2 months ago after BSU posted a video with a student who was\r\nhumiliated \u0026 forced to apologize. Since 2020 many students were detained and staff let go for political\r\npositions pic.twitter.com/TCh6ol06LI\r\n— Belarusian Cyber-Partisans (@cpartisans) July 4, 2023\r\nThe Cyber Partisans claimed to have accessed 3 terabytes of data from the university's system. They claim to have\r\nencrypted and wiped computers and servers, and also shut down the domain controllers responsible for managing\r\nuser authentication and network security.\r\nAt this story’s time of publication on Wednesday, the Belarusian State University website is still down.\r\nThe university denied any cyberattack and attributed the system's downtime to technical issues. Officials also\r\nclaimed that the photos and screenshots shared by the hackers were fake and photoshopped.\r\nBelarusian hacktivists, known for their politically motivated attacks on the regime of Belarusian dictator\r\nAlexander Lukashenko and as well as Russian targets, said they would exchange stolen data for the release of 50\r\nprisoners detained for opposing the government.\r\nSince 2020, when massive anti-government protests began in Belarus following a controversial presidential\r\nelection believed to have been rigged by Lukashenko, BSU students have been intimidated and expelled because\r\nof their political views, according to the Cyber Partisans.\r\nIn April, BSU posted a video of a student who was forced to apologize on camera for allegedly “discrediting” the\r\nuniversity. \"When you act as oppressors, you make yourselves a target for our cyberattacks,\" the Cyber Partisans\r\nsaid.\r\nhttps://therecord.media/cyber-partisans-belarusian-state-university-attack\r\nPage 1 of 3\n\nThe hackers said they had not planned to attack the university but were appalled by the video. \"It was filmed in an\r\ninstitution that should educate, not promote violence,\" they said.\r\nThe Cyber Partisans said they managed to get into the system by obtaining the password of one of a student who\r\nhas higher-level access. Then they accessed BSU's email and cloud services, as well as its website, ultimately\r\ninfiltrating the servers and internal network.\r\nAfter BSU issued its statement denying the attack, the Cyber Partisans retaliated by sharing additional screenshots\r\nfrom the university president's email, including excerpts from his bank account.\r\n“We have over 3 terabytes of data from your servers—are you sure you want to play this game with us? You'd\r\nbetter beg the dictator to release political prisoners,” the hackers said.\r\nDaryna Antoniuk\r\nis a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in\r\nEastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for\r\nForbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.\r\nhttps://therecord.media/cyber-partisans-belarusian-state-university-attack\r\nPage 2 of 3\n\nSource: https://therecord.media/cyber-partisans-belarusian-state-university-attack\r\nhttps://therecord.media/cyber-partisans-belarusian-state-university-attack\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "MISPGALAXY", "Malpedia" ], "references": [ "https://therecord.media/cyber-partisans-belarusian-state-university-attack" ], "report_names": [ "cyber-partisans-belarusian-state-university-attack" ], "threat_actors": [ { "id": "4f472ea8-b147-486d-8533-88f8036343a6", "created_at": "2024-01-23T13:22:35.081084Z", "updated_at": "2026-04-10T02:00:03.520098Z", "deleted_at": null, "main_name": "Cyber Partisans", "aliases": [], "source_name": "MISPGALAXY:Cyber Partisans", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "75108fc1-7f6a-450e-b024-10284f3f62bb", "created_at": "2024-11-01T02:00:52.756877Z", "updated_at": "2026-04-10T02:00:05.273746Z", "deleted_at": null, "main_name": "Play", "aliases": null, "source_name": "MITRE:Play", "tools": [ "Nltest", "AdFind", "PsExec", "Wevtutil", "Cobalt Strike", "Playcrypt", "Mimikatz" ], "source_id": "MITRE", "reports": null } ], "ts_created_at": 1775434884, "ts_updated_at": 1775791833, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/7e945d3554442d8ee69fc968ceba533748d7df26.pdf", "text": "https://archive.orkl.eu/7e945d3554442d8ee69fc968ceba533748d7df26.txt", "img": "https://archive.orkl.eu/7e945d3554442d8ee69fc968ceba533748d7df26.jpg" } }