On April 15, the website of InformNapalm volunteer intelligence community published the first part of a series of materials planned for publication based on the results of a multi-level CYBINT operation where hackers of the Cyber Resistance team obtained over 100 GB of information and classified data from a Russian limited liability company (LLC ) ALBATROSS (we called this leak AlabugaLeaks). In the first part, we touched upo the “motor boats” project, a smokescreen for the production of Russian analogues of the Iranian Shahed-136 drones (Geran-2, under the Russian designation) on the territory of the Alabuga SEZ in Tatarstan. The first part of the investigation was translated into more than 10 languages and is available at the following link:
This is the second part of a series of materials based on the hacking of the mail box of a senior manager of Alabuga SEZ. In this feature, we will show the close cooperation of Albatross and the Kaspersky Lab companies. In this publication:
- Which managers of the Kaspersky Lab neural network development team created the on-board AI system for the Russian Albatross drones;
- Close ties and cooperation between Albatross and Kaspersky Lab, which continue after the start of the full-scale Russian invasion of Ukraine;
- How Albatross directly used solutions created in collaboration with Kaspersky Lab specialists in the war against Ukraine;
Kaspersky Lab is a Russian company specializing in the development of software and antivirus applications. In 2017, the US government banned the use of Kaspersky Lab software by federal agencies due to concerns about data leaks to Russian intelligence agencies. However, as of April 2024, Kaspersky Lab still manages to avoid significant international and, in particular, American sanctions, although individual countries and organizations have taken measures against the use of the company’s products. These measures were motivated by national security concerns but were not formalized as sanctions at the international level. Interestingly, on April 9, 2024, CNN, citing “5 US officials,” reported of a possible blocking of Kaspersky Lab products in the United States. Decisions are supposed to be made by the end of the month. Reason for the possible ban: national security concerns.
But it’s worth noting that after the full-scale Russian invasion of Ukraine, Western media have reported on possible restrictions on Kaspersky Lab every year, and for some reason in April. However, these announcements have not yet resulted in real sanctions against Kaspersky Lab and this company continues to freely promote its technologies.
In most countries of the free world, neither an asset freeze, nor a ban on the sale of certain types of goods to it, nor a ban on trading in its securities have yet been officially introduced against the Kaspersky Lab company. Only Ukraine and Poland have imposed restrictions of this level on Kaspersky Lab and its founder Evgeniy Kaspersky. In the USA, for example, there is still only a ban on the use of products of this Russian developer for government services and officials.
We believe that comprehensive sanctions against Kaspersky Lab should be imposed immediately, because the use of its products threatens the US national security.
Materials found in dumps of the Albatross company (AlabugaLeaks) make it clear that the software products of this company are used in the Russian military technology, namely in the development of drones.
Here we need to go back in history, to 2018, when 6 enthusiasts decided to take part in the large-scale Odyssey competition (archive) to develop new generation of search and rescue technologies. Then a grant fund of 75 million rubles was announced for the winners of the competition from the Sistema charitable foundation (a division of AFK Sistema, one of the largest Russian investment funds).
Among the 130 teams that applied for this competition, one called ALB-search is of special importance. Here is the list of its participants.
Two persons from this list were discussed in the first part of the AlabugaLeaks series. Let us recall that Alexey Florov and Konstantin Spiridonov are among the key players in organizing the production of combat drones in the Alabuga SEZ. Both are managers of Albatross LLC.
The team captain, Nikita Kalmykov, is one of the founders of Albatross and the former general director of the company. Ilya Voronkov is the head of the Geomir company, where he works side by side with Florov (another company in which he is involved).
The other two – Vladimir Kleshnin and Vladimir Turov did not officially work at Albatross. At the same time, as evidenced by the documents obtained by Cyber Resistance hacktivists, both have never broken ties either with their teammates from Odyssey or with Albatross as a company and have played (are playing) significant role in its development.
Although ALB-search did not win the Odyssey contest, its participation brought a windfall to all of its participants. The team’s idea was that a drone with a camera and ultra-sensitive microphones should also be equipped with an on-board computer running a trained neural network. Photos or sounds captured by the flying craft are immediately analyzed by the neural network. If it identifies the signs of human presence, a snapshot of the area and coordinates are sent to the base station for subsequent assessment.
At the time of the contest, Albatross had two types of UAVs of its own design: a copter and a fixed-wing. However, it did not have a trained on-board neural network. Invited specialists Turov and Kleshnin needed to solve several problems: set up hardware and stable data transmission and train the neural network. Payment for work was carried out officially, with acceptance documents.
As an outcome of the Odyssey participation, five of the six team members registered a patent titled: Fixed-wing Unmanned Aerial Vehicle for Locating a Missing Person. Now this patent features on Albatross presentations for potential clients.
It should be noted, that there is an overstatement in the image above. It’s the phrase “our own proprietary technology“. The following slide from the same classified presentation of Albatross looks much more truthful:
“Kaspersky Lab uses Albatross drones as a carrier for its intelligent systems… As part of a partnership with the Russian aircraft manufacturer Albatross, solutions of Kaspersky Neural Networks solutions have already been installed on the Albatross M5 fixed-wing drones and Albatross D1 industrial quadcopters. The full presentation made public within AlabugaLeaks, can be downloaded here (*.pptx, 139 MB).
Thus, the slides show that Albatross drones carry Kaspersky Lab’s artificial intelligence systems. Now let’s look into how this happened.
Joint technology
The AlabugaLeaks data array on the activities of Albatross makes it possible to track the development history of certain company products. So, Kleshnin and Turov were invited to participate in the Odyssey competition and create an artificial intelligence system for their drones. Turov’s CV says that since 2018, he has been working at Kaspersky Lab as the head of the Antidrone project, focused on creating a protection system against UAVs. Cooperation with Albatross is not his main activity.
It is not yet clear whether Turov involved Kleshnin to work at Kaspersky Lab after meeting him on the Albatross project, or whether it happened any other way. But already as of January 2020 Kleshnin began corresponding with the corporate email of Kaspersky Lab, this is a proven fact. Albatross itself also did not stand aside and became a partner of this company. For example, Kaspersky Lab started purchasing Western equipment through Albatros LLC, a little-known company at that time.
A separate division was at Kaspersky Lab called Kaspersky Neural Networks. And Albatross is a significant component of it. The parties jointly advertise the product in the media. Also, the flagship drone Albatross M5 is visible in the company presentation materials of the Kaspersky Lab. For full presentation – follow this link (*PDF)
Finally, the cooperation and the origin of neural network as a Kaspersky product are directly announced on the company’s website.
A drone with a neural network is not the only collaboration project of Kaspersky with Albatross. There is a second brainchild of Turov and Kleshnin, where Albatross also plays an important role. It’s called Kaspersky Antidrone, a project onthe development of anti-drone safety systems for industrial consumers. This is a complex of radars and video equipment that records drone flights over a certain territory. Again, at the heart of it there is a neural network. If a drone flies into a certain space, the system can take over its control and return it to the departure point. The Russian edition of Forbes wrote about the great financial success of the project in March 2023.
Kaspersky Lab does not disclose most of the Antidrone system customers. They say that it is “a rather sensitive story now” (after the full-scale invasion of the Russian Federation in Ukraine – ed.). However, Cyber Resistance and InformNapalm have a partial list of the covered facilities. Among them are Chelyabinsk Tube Rolling Plant (a plant that produced pipes for the Nord Stream gas pipeline), Norilsk Nickel (one of the largest metallurgical plants in the Russian Federation), and the Mozyr Oil Refinery (an oil refinery in Belarus).
All this data was obtained from the Albatross leak (AlabugaLeaks), because the company plays the role of an “integrator” in the system sales. This means purchasing the necessary equipment (as in the case of the OPAL leader, which has already been shown), assistance with documentation, training staff to work with the system, etc. How this works is shown below on the case of the agreement with the Mozyr Oil Refinery.
The date of the letter, March 14, 2023, shows that the events take place a year after the full-scale Russian invasion of Ukraine and 2 months after the transfer of Albatross production to Yelabuga. At that time, reports had already appeared in the media about the Kremlin’s plans to produce Shahed drones in Tatarstan. The role of Albatross in this is now clearly known. However, there is not even a statement from Kaspersky Lab about severing cooperation with its long-term partner.
There is another important detail worth paying attention to. After the start of the full-scale Russian invasion of Ukraine, Kaspersky Lab has stopped advertising its participation in the development of the Albatross M5 drone. But the promotion of the Antidrone system, where the participation of Albatross is not so evident, has intensified.
Artillery spotter
In 2019, the Albatross team was focused not only on participation in the Odyssey contest and new technologies for finding lost people. In October of that year, the chief engineer of the company, Spiridonov, created a document entitled “On Artillery Spotting.”
The document argues that to transform a UAV into an artillery spotter, it is necessary to master neural network technology first.
As already mentioned, during the same year, Kaspersky Lab developers helped Albatross with the development of both hardware and software solutions for neural networks. Albatross M5 became the carrier of this technology. Only one small thing left to do: finish training the neural network.
And they succeeded. The presentation of the combat version of the Albatross M5 UAV obtained by Cyber Resistance hacktivists indicates that it is actively used on the battlefield in Ukraine. And it also mentions the active use of the neural network.
The InformNapalm website is currently publishing only a part of available information about the combat use of the Albatross M5. This will be discussed in more detail in the following parts of this series of AlabugaLeaks materials.
Bridge for technology flow
“We have a simple and clear mission – we are building a safe world,” – these pompous words of Evgeniy Kaspersky are the opening line to the story about his company on the Kaspersky Lab website.
It is known to most people as the developer of the antivirus software of the same name, but now the company has expanded beyond antivirus products. Formally, all Kaspersky products are created “exclusively for civilian use.” Company employees constantly talk about this with or without reason (probably in order to keep the sanctions away). The Kaspersky Lab logo is not present on the military version of the Albatross M5, in contrast to its “agricultural and rescue” version. But essentially it is the same drone and its capabilities are provided by the flow of Kaspersky Lab technologies from the civilian to the military sphere.
Therefore, the Albatross company has been using drones of its own production in the Russian war against Ukraine at least since September 2022. Among the key elements of the combat use of the Albatross M5 there is an on-board neural network that analyzes objects and targets on the fly. Two developers of the Albatross neural network are also employees of Kaspersky Lab, where they are also working on the Antidrone project. Kaspersky’s official partner in the development of neural networks and anti-drone systems is the same Albatross. And although a full-scale war has been raging since more than two years; Albatross itself recently moved production to Yelabuga, where it is participating in the assembly of Russian analogues of the Shahed-136 kamikaze drones, there is no information about the rupture of cooperation between Kaspersky Lab and Albatross. And no effective Western sanctions have been applied against Kaspersky Lab. Thus, Kaspersky Lab can still buy equipment, train specialists, and create new products, which will then be used by Russians in an aggressive war against Ukraine. Therefore, the restrictions imposed on the Russian Federation in the technology sector should have no exceptions, and the Russian company Kaspersky Lab should also be subject to effective sanctions.
Read more publications based on the data from Cyber Resistance hacktivists
- Hacking a Russian war criminal, deputy commander of the OMON of the Krasnoyarsk Krai
- Hacking a Russian war criminal, commander of 960th Assault Aviation Regiment
- Hacking Russian Z-volunteer Mikhail Luchin who ordered sex toys for $25,000 instead of drones for the Russian army.
- BagdasarovLeaks: hacking ex-member of the Russian State Duma Semyon Bagdasarov. Iranian gambit
- Hacked: Russian GRU officer wanted by the FBI, leader of the hacker group APT 28
- Hacking “James Bond”: medical service commander of 960th Assault Aviation Regiment doxed key personnel of his own unit
- Hacking Andrey Lugovoy, member of the Russian State Duma, First Deputy Head of the Security Committee
- Ukrainian hacktivists acquired first-ever photo of the GRU hacker unit commander wanted by the FBI for meddling in the U.S. election
- New evidence of collaboration of former Slovak Justice Minister Štefan Harabin with the Russian Federation
- Hacking Colonel Leonid Rusin, ex-commander of Russian AWACS unit
- Ukrainian hackers posted lists and documents of the Russian 72nd Motorized Rifle Brigade (TOP-10 files)
- Economic summit Russia–Africa 2023 databases hacked by Ukrainian hacktivists
- Hacking Lieutenant Colonel Kasatkin, Russian war criminal, head of Combat Training of A-50 early warning aircraft, military unit 41520
- BabakovLeaks: hacking Alexander Babakov, Deputy Chairman of the Russian State Duma
- Cuban mercenaries fighting against Ukraine on the Russian side – Ukrainian hacktivists collected evidence
- Hacked: Russian pilot reveals schemes of weapons supply from Iran, South Africa and Mali to Russia
- Hacking the Infocomms Department of the Russian Ministry of Defense. Katyusha and the secrets of General Konashenkov
- CYBINT investigation: how the Orlan-10 manufacturer imports parts bypassing sanctions
- Hacking assistant to vice-speaker of the Russian State Duma: agents of influence in Serbia and media campaigns in the EU
- Hacktivists uncovered new classified documents from STC, Russian manufacturer of Orlan-10 drones
- Hacking assistant to vice-speaker of the Russian State Duma: agents of influence in Serbia and media campaigns in the EU
- Data leakage from the Kremlin administration – what lies ahead for Russia after the elections?
No Responses to “AlabugaLeaks. Part 2: Kaspersky Lab and neural networks for Russian military drones”