InformNapalm: Ukrainian Hackers Obtained Data on Russia’s Nuclear Forces Development and Testing Systems

13 March 2026

Boris Yeltsin’s “nuclear suitcase” on display at the Presidential Center in Yekaterinburg. Photo credits: yeltsin.ru

Ukrainian hackers obtained information on the architecture of software tools used in the development and testing of Russia’s strategic nuclear forces.

The cyber operation was conducted by analysts from Ukrainian Militant, cyber experts from the 256th Cyber Assault Division, and volunteers from the international intelligence community InformNapalm.

The operation included gathering preliminary information from HUMINT sources, OSINT analysis, and a subsequent CYBINT component to obtain data that cannot be obtained from open sources.

It is noted that the intelligence community managed to obtain this information as early as 2024, after which it was promptly transferred to the Defense Forces.

Excerpt from documents obtained by hackers. Photo credits: InformNapalm

As of 2025, the operation’s operational and intelligence capabilities had been exhausted, so as of 2026, some of the information obtained can be made public.

In particular, hackers managed to obtain a set of documents regarding research and development work under the code name “Polus-24” for conducting interim tests of early warning system modules.

The document explicitly states that the technical specifications were received from military unit 33949, which a number of publications directly link to the Russian Foreign Intelligence Service, specifically its clandestine intelligence division.

As a reminder, in late February 2026, it became known that Ukrainian hackers had breached the accounts of Russian military personnel, which made it possible to determine how the Russians were using Belarusian infrastructure to launch attacks on Ukraine.

During the operation, cyber experts gained access to the monitoring systems used by drone operators. Ukrainian hackers did not control the drones, but they observed the enemy’s actions and helped improve the effectiveness of the Ukrainian side’s operational countermeasures.

Intelligence officers organized round-the-clock covert surveillance of the accounts, during which data was promptly transmitted to the Ukrainian Defense Forces. This significantly improved the situational awareness of Ukrainian defenders and enabled them to effectively shoot down and neutralize Russian drones.

A typical drone route from Russian territory along the inner part of the Belarusian border for subsequent attacks against Ukraine. Photo credits: InformNapalm

Analysis of intercepted communications showed that Russia actively uses civilian infrastructure, specifically cell towers on Belarusian territory, to route its drones.

In this way, the Russians ensured a stable signal for striking targets located on Ukraine’s northern and western borders, and even flew into the territory of NATO countries.