Russias Joker DPR Claims Access to Ukraine Troop Movement Data

A hacktivist group working with Russia claims it breached DELTA, the Ukrainian battlefield management system (BMS).

The Joker DPR threat group has been around and functioning as an arm of the Russian state since 2019, largely focused on
spreading disinformation
and leaking sensitive Ukrainian government and military secrets stolen by insiders friendly to Russia. Its goal is undermining peoples confidence in the countrys institutions, but no one should be fooled into thinking Joker DPR is a sophisticated group of super-hackers — its not.
In its own words, Joker DPR wants to destroy the clowns running Ukraines government (DPR is the English acronym for a separatist group in eastern Ukraine called Donetsk Peoples Republic). And in November, it made a startling claim that would seem to further that agenda — that it had real-time access to DELTA, the
Ukraine militarys
battlefield management system (BMS). If true, this would have given the group insights into military planning for the Armed Forces of Ukraine (AFU).
However, according to
new analysis from Recorded Future
, that claim was vastly exaggerated.
Recorded Future and other cybersecurity experts were dubious about the
hacktivist groups
allegations and found after analysis of Joker DPRs proof of compromise that instead of gaining full access, the threat group is far more likely to have access to an individual user account.
The distinction hardly mattered to Joker DPR, since Russian media quickly picked up the story and proclaimed that the Russians had a full backdoor into
Ukraines DELTA system
.
After the claim of compromise, AFU commanders might choose not to use the sophisticated system on the battlefield —
a win for Russia
. The Recorded Future researchers said they have sources which show that this tactic was effective.
Given that the breach was unlikely to have occurred in the manner Joker DPR described, in real terms, the greatest damage Joker DPR could have inflicted was through the assertion of the breachs existence, the Recorded Future researchers added. Joker DPR was essentially claiming that it had real-time access to the BMS.
The report added that the fact that Russian media was so eager to pick up the story further signals Joker DPR didnt actually have the access to DELTA as claimed. If it had real-time intel into the AFUs movements, Russia would not be so quick to give away their advantage, Recorded Futures research explained.
Although the group wants to give the impression of being a band of super hackers, in reality, the group hasnt displayed dazzling hacking abilities, according to Recorded Futures analysis.
Put simply, the group does not appear to specialize in hacking, and it will take what it can get to support its information agenda, a researcher who prefers to remain anonymous from Recorded Future tells Dark Reading. Joker DPR first and foremost specializes in information operations, and any cyber activity that occurs within the umbrella of the group is only meant to support those operations.
That makes it tricky to try and predict Joker DPRs next target.
Joker DPRs activities suggest the group is more opportunistic with its cyber activity, using its platform to amplify news of compromises in an effort to undermine the credibility of the Ukrainian government and military, Recorded Futures researcher says. This is in contrast to
groups like Killnet
that display consistency in their tactics, techniques, and procedures (TTP) and targets.
The likelihood of international law enforcement reaching Joker DPR in Russia is small, but Recorded Futures analysis hopes to raise the groups profile to help protect Ukraines forces from Russian-aligned groups, as well as push pack against ongoing Russian disinformation campaigns.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Russias Joker DPR Claims Access to Ukraine Troop Movement Data