Surveillance tech provider Protei was hacked its data stolen and its website defaced TechCrunch
p
Latest
pp
AI
pp
Amazon
pp
Apps
pp
Biotech Health
pp
Climate
pp
Cloud Computing
pp
Commerce
pp
Crypto
pp
Enterprise
pp
EVs
pp
Fintech
pp
Fundraising
pp
Gadgets
pp
Gaming
pp
Google
pp
Government Policy
pp
Hardware
pp
Instagram
pp
Layoffs
pp
Media Entertainment
pp
Meta
pp
Microsoft
pp
Privacy
pp
Robotics
pp
Security
pp
Social
pp
Space
pp
Startups
pp
TikTok
pp
Transportation
pp
Venture
pp
Staff
pp
Events
pp
Startup Battlefield
pp
StrictlyVC
pp
Newsletters
pp
Podcasts
pp
Videos
pp
Partner Content
pp
TechCrunch Brand Studio
pp
Crunchboard
pp
Contact Us
ppA Russian telecom company that develops technology to allow phone and internet companies to conduct web surveillance and censorship was hacked had its website defaced and had data stolen from its servers TechCrunch has learnedppFounded in Russia Protei makes telecommunications systems for phone and internet providers across dozens of countries including Bahrain Italy Kazakhstan Mexico Pakistan and much of central Africa The company now headquartered in Jordan sells video conferencing technology and internet connectivity solutions as well as surveillance equipment and webfiltering products such as deep packet inspection systemsppIts not clear exactly when or how Protei was hacked but a copy of the companys website saved on the Internet Archives Wayback Machine shows it was defaced on November 8 The website was restored soon afterppDuring the breach the hacker obtained the contents of Proteis web server around 182 gigabytes of files including emails dating back yearsppA copy of Proteis data was provided to DDoSecrets a nonprofit transparency collective that indexes leaked datasets in the public interest including data from law enforcement government agencies and companies involved in the surveillance industryppMohammad Jalal the managing director of Proteis branch in Jordan did not respond to a request for comment about the breach prior to publication In an email sent after this story published Jalal said the company has no affiliation with Russia and that it is not aware of the data exfiltration from its serversppThe identity of the hacker is not known nor their motivations but the defaced website read another DPISORM provider bites the dust The message likely references the companys sales of deep packet inspection systems and other internet filtering technology for the Russiandeveloped lawful intercept system known as SORMppSORM is the main lawful intercept system used across Russia as well as several other countries that use Russian technology Phone and internet providers install SORM equipment on their networks which allows their countrys governments to obtain the contents of calls text messages and web browsing data of the networks customers ppDeeppacket inspection devices allow telecom companies to identify and filter web traffic depending on its source such as a social media website or a specific messaging app and selectively block access These systems are used for surveillance and censorship in regions where freedom of speech and expression are limitedppThe Citizen Lab reported in 2023 that Iranian telecoms giant Ariantel had consulted with Protei about technology for logging internet traffic and blocking access to certain websites Documents seen and published by The Citizen Lab show that Protei touted its technologys ability to restrict or block access to websites for specific people or entire swathes of the populationppUpdated with comment from JalalppTopicspp
Security Editor
ppZack Whittaker is the security editor at TechCrunch He also authors the weekly cybersecurity newsletter this week in security ppHe can be reached via encrypted message at zackwhittaker1337 on Signal You can also contact him by email or to verify outreach at zackwhittakertechcrunchcom ppStrictlyVC concludes its 2025 series with an exclusive event featuring insights from leading VCs and builders such as Pat Gelsinger Mina Fahmi and more Plus opportunities to forge meaningful connectionspp Bret Taylors Sierra reaches 100M ARR in under two years
pp Google says hackers stole data from 200 companies following Gainsight breach
pp X begins rolling out the About this account feature to users profiles
pp SpaceXs upgraded Starship suffers explosion during testing
pp ChatGPT launches group chats globally
pp Hugging Face CEO says were in an LLM bubble not an AI bubble
pp Google launches Gemini 3 with new coding app and record benchmark scores
pp 2025 TechCrunch Media LLCp
Latest
pp
AI
pp
Amazon
pp
Apps
pp
Biotech Health
pp
Climate
pp
Cloud Computing
pp
Commerce
pp
Crypto
pp
Enterprise
pp
EVs
pp
Fintech
pp
Fundraising
pp
Gadgets
pp
Gaming
pp
pp
Government Policy
pp
Hardware
pp
pp
Layoffs
pp
Media Entertainment
pp
Meta
pp
Microsoft
pp
Privacy
pp
Robotics
pp
Security
pp
Social
pp
Space
pp
Startups
pp
TikTok
pp
Transportation
pp
Venture
pp
Staff
pp
Events
pp
Startup Battlefield
pp
StrictlyVC
pp
Newsletters
pp
Podcasts
pp
Videos
pp
Partner Content
pp
TechCrunch Brand Studio
pp
Crunchboard
pp
Contact Us
ppA Russian telecom company that develops technology to allow phone and internet companies to conduct web surveillance and censorship was hacked had its website defaced and had data stolen from its servers TechCrunch has learnedppFounded in Russia Protei makes telecommunications systems for phone and internet providers across dozens of countries including Bahrain Italy Kazakhstan Mexico Pakistan and much of central Africa The company now headquartered in Jordan sells video conferencing technology and internet connectivity solutions as well as surveillance equipment and webfiltering products such as deep packet inspection systemsppIts not clear exactly when or how Protei was hacked but a copy of the companys website saved on the Internet Archives Wayback Machine shows it was defaced on November 8 The website was restored soon afterppDuring the breach the hacker obtained the contents of Proteis web server around 182 gigabytes of files including emails dating back yearsppA copy of Proteis data was provided to DDoSecrets a nonprofit transparency collective that indexes leaked datasets in the public interest including data from law enforcement government agencies and companies involved in the surveillance industryppMohammad Jalal the managing director of Proteis branch in Jordan did not respond to a request for comment about the breach prior to publication In an email sent after this story published Jalal said the company has no affiliation with Russia and that it is not aware of the data exfiltration from its serversppThe identity of the hacker is not known nor their motivations but the defaced website read another DPISORM provider bites the dust The message likely references the companys sales of deep packet inspection systems and other internet filtering technology for the Russiandeveloped lawful intercept system known as SORMppSORM is the main lawful intercept system used across Russia as well as several other countries that use Russian technology Phone and internet providers install SORM equipment on their networks which allows their countrys governments to obtain the contents of calls text messages and web browsing data of the networks customers ppDeeppacket inspection devices allow telecom companies to identify and filter web traffic depending on its source such as a social media website or a specific messaging app and selectively block access These systems are used for surveillance and censorship in regions where freedom of speech and expression are limitedppThe Citizen Lab reported in 2023 that Iranian telecoms giant Ariantel had consulted with Protei about technology for logging internet traffic and blocking access to certain websites Documents seen and published by The Citizen Lab show that Protei touted its technologys ability to restrict or block access to websites for specific people or entire swathes of the populationppUpdated with comment from JalalppTopicspp
Security Editor
ppZack Whittaker is the security editor at TechCrunch He also authors the weekly cybersecurity newsletter this week in security ppHe can be reached via encrypted message at zackwhittaker1337 on Signal You can also contact him by email or to verify outreach at zackwhittakertechcrunchcom ppStrictlyVC concludes its 2025 series with an exclusive event featuring insights from leading VCs and builders such as Pat Gelsinger Mina Fahmi and more Plus opportunities to forge meaningful connectionspp Bret Taylors Sierra reaches 100M ARR in under two years
pp Google says hackers stole data from 200 companies following Gainsight breach
pp X begins rolling out the About this account feature to users profiles
pp SpaceXs upgraded Starship suffers explosion during testing
pp ChatGPT launches group chats globally
pp Hugging Face CEO says were in an LLM bubble not an AI bubble
pp Google launches Gemini 3 with new coding app and record benchmark scores
pp 2025 TechCrunch Media LLCp
