How did the Russian resource TASS get authorized by Revolut through Diia?
13 February 12:07
OPINION
Konstantin Korsun, philosopher of information and cybersecurity.
The screenshot shows the moment of authorization in a British app like Revolut via Diia. It looks like the traffic is being transferred to the Kremlin’s propaganda outlet TASS (TV Agency of the Savage World), which is under Ukrainian sanctions. The video was posted by Danylo Kartel: https://cutt.ly/3e68NqpF
How? Why? What is happening?
In principle, there are two possible scenarios:
- Revolut inserted the link to the news resource.
- Diya inserted a link to the news resource.
The first version is bad, but the second is catastrophic.
And here we need to make a small excursion into the history of the Revolut app.
This is not so much a bank as it is a so-called “fintech”: a software solution that cooperates with banks and provides financial services such as making payments, exchanging currencies, or storing funds.
Revolut Ltd was registered in London, but received its banking license in Lithuania. In other words, it is a bank in the EU, but not in other countries.
But it was founded by Russian Nikolai Storonsky and Ukrainian Vlad Yatsenko.
Nikolai Storonsky left Russia for the UK in 2014, condemned the war in March 2022, and (allegedly) renounced his Russian citizenship in October 2023. It is unclear whether Eref currently holds Russian citizenship.
And one more thing. Nikolai’s father, Nikolai Mironovich Storonsky, is the director of Gazprom Promgaz, a subsidiary of the Russian gas giant. Therefore, the father of the Revolution’s founder is under sanctions by the National Security and Defense Council of Ukraine.
Perhaps because of its Russian origins and related family ties, Revolut has not yet received a banking license in the UK and the US, the markets where it makes the most money. But for Ukrainian Deputy Prime Minister Fedorov, all of the above is not a significant blocker to officially cooperating with Revolut.
And now it turns out that when Ukrainian users log in to Revolut through Diia, they are redirected to the tass-dot-ru page.
An hour after this video was published, the link to that news resource was removed, but the fact was recorded and the question remains: how did it get there?
The word ekonomika in the link seems to hint that economic or financial data is being requested from this Russian resource. This is easily explained by the Russian origin of Revolut’s owner and CEO, who are used to traditional sources of information. This means that statements about a “complete break with Russia” are not entirely true, so to speak.
But this does not explain why this transition occurs during authorization in Diia, the state system that contains personal data of Ukrainians.
In theory, Diia should have checked everything thoroughly before connecting Revolut. But, as you know, “the role of cybersecurity is exaggerated,” so if the Great Digital Leader gave the command to connect, then we just connect, to hell with all your boring checks.
In principle, we can’t rule out that the link to the tass-ra could also have come from Diya, but it’s not clear why they would want to do that. Of course, one can imagine a Maskovite “mole” in the Diya technical team who bolted that link so that the Major from Lubyanka could count and identify all Ukrainian Revolution users. But in this case, we need to urgently call in counterintelligence and put them all on the floor. Because this is a super-mega-critical incident: it means that all the data that the mini-counters have can be or have already been transferred to the aggressor country. And the “effective” ones have a lot of data, not only about citizens and persons liable for military service, but also about the military. And also about all the registers and databases connected to Diia.
So maybe it’s worth checking if there are any other strange “transitions” when you log in through Diia to other services?
I wrote in my previous post about Misha Fedorov’s long-standing love for everything Russian: this includes Russian Telegram and payments in Diia through a Russian online casino. But no matter, in 2019, the whole team of cheerful and clever people spoke Ukrainian poorly, and only later learned it when they got government jobs. Some of them are still not very good at the language, even on the rostrum of the Verkhovna Rada.
But this case forces us to ask the question: Are Diya or its employees surely not secretly cooperating with the Moksha Federation?
Is anyone involved in counterintelligence support of their developments?
Does Diia have other dubious partners, such as the Russian casino Pin-Up?
And in general: does anyone (besides me) even care about the topic of observing the interests of state security during the frantic mindless “gigitization”?
Source: Facebook.
