Protei, a Russian-linked telecom company known for building surveillance and internet-filtering technology, has been hacked, had its website defaced, and lost a massive trove of internal data.
Protei develops systems used by phone and internet service providers across countries such as Bahrain, Italy, Kazakhstan, Mexico, Pakistan, and much of Central Africa. Now headquartered in Jordan, the company sells connectivity tools, video conferencing systems, deep-packet inspection (DPI) products, and other technologies used for government surveillance and censorship.
It remains unclear how or when the breach occurred, but archived snapshots on the Wayback Machine show the company’s site was defaced on November 8 before being quickly restored. During the incident, the hacker accessed the company’s web server and stole about 182GB of data, including years of company emails.
The stolen files were shared with DDoSecrets, a non-profit that publishes leaked datasets from governments, law enforcement agencies, and companies operating in the surveillance industry.
Protei has made no public comment, and its Jordan-based managing director, Mohammad Jalal, did not respond to requests for clarification.
The hacker’s identity and motives remain unknown, but the defaced page included the message: “another DPI/SORM provider bites the dust.” This appears to target Protei’s role in supplying deep-packet inspection tools and technology tied to SORM, Russia’s controversial lawful intercept system that allows authorities to access calls, messages, and browsing activity.
Deep-packet inspection tools enable telecom companies to block or filter traffic from specific websites or apps, tools widely used for censorship in regions with restricted internet freedom.
Related: LG Uplus Reports Suspected Data Breach
A 2023 Citizen Lab report revealed that Iranian telecom giant Ariantel consulted with Protei about tools for logging user traffic and blocking specific websites. Documents published by Citizen Lab show Protei advertising its ability to restrict online access for individual users or entire population groups.
Protei has not confirmed the extent of the breach or the impact on its customers.
