Ukrainian cyber experts have been reading emails from top management of Russian analogue Starlink for years

The details of the CYBINT operation are reported by the international intelligence community InformNapalm. According to investigators, the source of the leak was Alexey Labzin, Deputy General Director of JSC «Sputnik System „Gonets“» and a number of IT specialists of the company.

«Gonets» is part of the structure of «Roscosmos» and is part of the «Luch» relay system, which provides communication with launch vehicles and spacecraft. In addition to its civilian purpose, the system is critically important for the Russian military-industrial complex, especially in areas where there is no GSM coverage.

«SS Gonets is currently positioned in the Russian Federation as its own „analogue of Starlink“ and in the future it has been stated that Russian specialists plan to install terminals on UAVs,» InformNapalm analysts note. However, a technical analysis of the obtained documents shows that the Russian development is significantly inferior to the SpaceX system in terms of service quality and data transfer speed.

During the operation, the hackers discovered that the main IT infrastructure and the single control center for the entire system are located at the company’s legal address in Moscow on Baumanskaya Street. The data obtained includes:

• the complete topology of the enterprise’s internal network;

• schemes for deploying central access control system software;

• Documentation for the 1 °C system, which was specially adapted in the Russian Federation for reporting to the Ministry of Defense on the implementation of defense contracts.

The leak also highlighted the critical state of Gonets' technical infrastructure. Due to international sanctions, the company is forced to use outdated software and home-made «crutches» to support the operation of the infrastructure. This makes the strategically important facility vulnerable to further cyberattacks.

The participants in the operation noted that they had endured a long pause after the sources of information extraction were closed in 2025 for security purposes (OPSEC). The part of the data released today is only a fragment of the array that ended up in the hands of Ukrainian intelligence.

Earlier, the Russian aerospace company BUREAU 1440 launched 16 broadband Internet satellites into space. This is the first stage of the deployment of a constellation in low Earth orbit, which in Russia is called an analogue of SpaceX’s Starlink.

Later, it became known that a group of Russian satellites «Rassvet» was already forming short communication sessions over Ukraine, which could potentially be used by the Russian military as a partial alternative to Starlink.

Recall that after losing access to the Starlink terminals, the enemy army faced significant problems in managing its troops. The main consequence was that the actions of the occupiers became much slower and less flexible.

Read the country’s main IT news in our Telegram

On the topic

Read the country’s main IT news in our Telegram

«If the pilots’ position is found and they have to move, it takes three to four times longer.» How the Russian Army Fights After Losing Access to Starlink

On the topic

«If the pilots’ position is found and they have to move, it takes three to four times longer.» How the Russian Army Fights After Losing Access to Starlink

Russia is testing an alternative to Starlink: Rassvet satellites are already regularly flying over Ukraine

On the topic

Russia is testing an alternative to Starlink: Rassvet satellites are already regularly flying over Ukraine

Russia launched the first batch of internet satellites to create its own network like Starlink

On the topic

Russia launched the first batch of internet satellites to create its own network like Starlink