Telecom Surveillance Provider Protei Hacked: Data Stolen, Website Defaced

11/17/2025 Security

Well, this is unsettling. A telecom company named Protei, which develops technology for web surveillance and censorship, got hacked. I mean, the irony is pretty thick, right? It's like a security firm getting robbed – embarrassing, to say the least.

Based in Russia, Protei sells its wares – things like video conferencing, internet solutions, and, most notably, surveillance equipment – to phone and internet companies worldwide. We're talking Bahrain, Italy, Kazakhstan, Mexico, Pakistan, and a good chunk of central Africa. It's a pretty extensive reach.

I'm not entirely sure how the hack went down, but on November 8th, someone defaced Protei's website. Thankfully, they restored it pretty quickly. However, the hacker did manage to snag a hefty 182 gigabytes of files from Protei's web server. We're talking emails and all sorts of juicy data going back years. That's a lot of information.

This stolen data ended up with DDoSecrets, a non-profit that basically collects and indexes leaked datasets from various sources, including law enforcement, government agencies, and surveillance companies. It's a treasure trove of information, depending on your perspective.

The managing director of Protei's Jordan branch hasn't commented on the situation yet. As for the hacker's identity and motives, that remains a mystery. However, the defaced website did have a message: "another DPI/SORM provider bites the dust." This most likely refers to Protei's involvement with deep packet inspection (DPI) systems and SORM, a Russian surveillance system.

So, what is SORM? Basically, it's a system that allows governments to snoop on their citizens. Phone and internet providers install SORM equipment on their networks, which then gives the government access to calls, texts, and web browsing data. It's like a built-in wiretap for the entire country. Deep-packet inspection takes this a step further. It allows companies to filter web traffic, blocking access to specific websites or apps. Think censorship and surveillance rolled into one.

In fact, back the previous year, Citizen Lab reported that Iranian telecoms giant Ariantel consulted with Protei on technology to log internet traffic and block websites. The documents revealed that Protei's technology could restrict access to websites for individuals or entire populations. It shows that they clearly know how to play this game.

It makes you wonder who else is using Protei's technology and for what purpose. And, more importantly, what kind of security measures are in place to protect our data from these kinds of breaches? It's definitely something to think about.