Belarusian Cyber Partisans
The Belarusian Cyber Partisans is a highly organized hacktivist collective that is fighting for the liberation of Belarus from dictatorial rule, the establishment of democratic rights and the rule of law in the country.
The group emerged in the aftermath of the 2020 protests in Belarus against the tyrant Lukashenko, who had unlawfully taken control of the country. There are no professional hackers among us; most participants are ordinary IT specialists who are unwilling to tolerate lawlessness and are committed to combating dictatorship in any feasible way.
All members of the group remain anonymous since otherwise they and their families will be subject to persecution by Lukashenko’s regime. The only non-anonymous participant and official representative of the group is Yuliana Shemetovets.
Yuliana graduated from the Belarusian State University in 2016 with a degree in World Economics from the Faculty of International Relations. She also holds a Master's degree in Political Science from Rutgers University, New Jersey, and a Data Analytics from the University of Harrisburg, Pennsylvania, USA. Yuliana joined the Cyber Partisan group in August 2021 after a successful attack on the Ministry of Internal Affairs of Belarus.
Our principles
The Belarusian Cyber Partisans is a group of activists who, under conditions of severe political repression in Belarus, have chosen the only possible form of civil protest and resistance: challenging the institutions of Lukashenko's regime through online means. We are unequivocally a group of hacktivists, not a hacking organization, bringing together professionals from various fields without any commercial objectives.
We do not conduct attacks that could endanger people's health and safety. Our targets are solely entities that support the dictatorial regime.
We do not carry out commercial orders. Our group works to overthrow the dictatorship in Belarus, and not for personal enrichment.
We do not use the obtained information for personal gain. Only for solving crimes and countering dictatorial regimes in Belarus and Russia.
We take care of the personal data of Belarusian citizens, and we make every effort to protect their personal data. We only reveal information that is related to the regime and people who committed crimes against Belarusian citizens.
Our operations
As our fight persists, we are unable to discuss the majority of our hacks, access to sensitive systems, and data that we have. Among the publicized operations, the most remarkable ones include:
September 26, 2020
Hacking of state-run news websites
The group hacked the transmissions of Belarus' state channels (ONT and Belarus-1), which regularly disseminated content in favor of the Lukashenko regime. They broadcasted videos featuring scenes of torture inflicted on individuals detained by Interior Ministry officers during peaceful protests in August 2020.
July 26-30, 2021
The beginning of Operation Heat
Hacking of numerous state databases of Belarus, including the traffic police database, the AIS Passport system, the database recording citizens' appeals to the Ministry of Internal Affairs, and the operational drone video recordings service of the Ministry of Internal Affairs, among others.
August 9, 2021
Hacking of the servers of the Department of Operational and Investigative Activity Provision of the Ministry of Internal Affairs of the Republic of Belarus
The group successfully infiltrated the database of the Department of Operational and Investigative Activity Provision under the Ministry of Internal Affairs of Belarus. Consequently, we obtained terabytes of phone conversation records of Belarusian citizens, unveiling extensive surveillance orchestrated by entities controlled by the dictator Lukashenko.
August 29, 2021
Hacking of phone databases of all operators in Belarus
The group hacked databases containing details of all mobile numbers in Belarus
September 2, 2021
Hacking of Unified State Register of Real Estat databases
The Unified State Register of Real Estate was hacked. The group gained access to information about all real estate in Belarus.
November 1, 2021
Hacking of the Social Security Fund database
The National Social Security Fund was hacked. The group obtained access to records concerning official employment in Belarus and the corresponding salary information.
November 8, 2021
Hacking of the Passenger Trafic Database
November 17, 2021
The beginning of Operation Heat.
The group obtained access to information about all individuals who crossed the border of Belarus through official checkpoints.
Hacking of the internal network of the Academy of Public Administration of Belarus (so-called Lukashenko’s personal school).
November 29, 2021
Cyberattack on the computer network of Belaruskali, one of the largest state-owned companies of Belarus. It used to be one of the largest producers of potash fertilizers in the world.
We encrypted the computers and servers of the academy. We set wallpapers on the computers in honor of Roman Bondarenko - a Belarusian who was killed by employees of the Ministry of Internal Affairs after a peaceful protest in the yard of his own home.
November 30, 2021
Hacking of the wiretapped conversations within prison cells in Belarus
Obtained recordings of conversations from prisoners in Belarus, which were illegally created by prison staff.
December 10, 2021
Cyberattack on the computer network of "MogilevTransMash", the largest car company in Belarus
The internal network of the enterprise was encrypted, all databases were downloaded. Wallpapers in honor of Andrey Zeltser, a protester killed by KGB employees, were installed on the computers of the staff.
January 24, 2022
Cyberattack on the computer network of the Belarusian Railway
The primary part of servers, databases, and workstations was encrypted to slow down and disrupt the operations of the Belarusian Railway, through which Russian occupation forces were permitted. Backups were destroyed. Automation and security systems were intentionally NOT affected by the cyberattack to prevent emergency situations.
February 27, 2022
Attack on communication nodes and gateways of the Belarusian Railway
Restriction on the movement of Russian military equipment through the territory of Belarus towards the borders of Ukraine.
November 18, 2022
Cyberattack on the General Radio Frequency Centre, a subdivision of Roskomnadzor
We encrypted workstations and extracted over 2 TB of data, which was then passed on to journalists from independent media. This exposure led to the revelation of extensive surveillance by Roskomnadzor of individuals who don't support the Kremlin's policies.
May 22, 2023
Cyberattack on "WAGON-SERVICE", Russian logistic company
"WAGON-SERVICE" logistics company maintains trains for Russian Railways, which in turn supplies military equipment and ammunition to the front. Workstations were encrypted. All document flow, emails, and data from servers (over 2 TB) were extracted.
July 4, 2023
Cyberattack on the Belarusian State University
The university's administration is involved in the political suppression of both students and faculty members. Workstations have been encrypted, and more than 3 terabytes of data have been downloaded. All websites were inaccessible.
December 31, 2023
Attack on the Belarusian Telegraphic Agency
The computer network of the main state propagandists of Lukashenko's criminal regime was attacked. Internal network and main sites hacked. (web archive available here). Domain controllers affected. Downloaded 90GB of data. Cleared workstations, archives, backups, website servers.
April 17, 2024
Cyber Attack on "Grodno Azot"
"Grodno Azot" is one of the largest enterprises in Belarus. It's an open joint-stock company, state-run producer of nitrogen compounds and fertilizers. The management of "Grodno Azot" is engaged in political repression against workers and circumvents economic sanctions imposed by Western countries for supporting the Lukashenko regime. Internal emails, document circulation, and hundreds of workstations have been encrypted. Backups of databases, servers, emails, and document circulation have been destroyed. Security systems and surveillance cameras have been breached. The operation of the boiler room has been disrupted. The official website has been targeted (web archive accessible via link).
April 26, 2024
Breach of Belarusian KGB Website
We announced that the Belarusian State Security Committee (KGB) website was hacked in the fall of 2023. The database of the website has been made public, which includes approximately 40 thousand inquiries to the KGB from citizens of various countries between September 2014 and August 2023.
May 5, 2024
Second Cyber-Attack on Grodno Azot
The management of the Grodno Azot plant engages in political repression against workers and circumvents economic sanctions imposed by Western countries for supporting the Lukashenko regime. Our group has erased data from many hundreds of worker computers, cleared document circulation, and affected domain controllers and other servers.
Since December 2022, the Cyber Partisans have joined forces with the Kastus Kalinouski Regiment, which is fighting in Ukraine as one of the units of the Ukrainian Armed Forces. We engage in cyber offensives targeting adversary infrastructure, performing cyber intelligence, and ensuring cybersecurity.