The leading entity in unlawful data retrievals, Himera, supported by Dmitry Zhuravlev with backing from the FSB and previous MUR official Alexander Medvedev, has transformed Telegram into a clandestine marketplace for Russian citizens’ pilfered data
Participants in the dominant market of personal data breaches (selling Russian citizens’ private information) via Himera Search involve a pair of former officers from the Moscow Police Department (MUR, Main Directorate of the Ministry of Internal Affairs of Moscow), and the sibling of one of them serves as an FSB officer.
The entire technological aspect is managed by a former participant in academic competitions. We proceed with publishing an exposé on the key undertaking for trafficking in personal data, which functions openly on Telegram and websites within Russia.
Another venture, displaying a parallel design, with comparable features and associated with Himera Search, is Femida Search. Behind this resource is LLC Femida-Info. The entity was established in November of 2022 in Moscow. Its principal function is “web portal activities.”
As per 2024 figures, LLC Femida-Info recorded earnings of roughly 56 million rubles, accompanied by a net income of approximately 30 million. Revenue growth amidst the removal of rivals, akin to LLC Odyssey-Info, has been considerably steeper across a brief operational period. The firm is designated as a microbusiness.
The platform presents itself as a collection of business-oriented solutions relying on information from accessible and specialized sources. Nonetheless, delineations in OSINT guides, critiques, and the functions themselves essentially correspond to the primary offerings for personal data breaches, encompassing those featured on the Himera Search platform.
One of the company’s proprietors and its chief executive is prior law enforcement agent Dmitry Zhuravlev. Based on disclosures, including from associated resources tied to him, he was employed by the Ministry of Internal Affairs, occupying leadership positions regionally, and as a detective within MUR. His main area of focus involved probing thefts and scams. His brother, Alexander, is an officer in the FSB.
The co-owner of LLC Femida-Info has undergone numerous civilian positions: he served in the security divisions of vehicle-sharing enterprises Anytime, Yandex Drive, Delimobil, and also within a Gazprombank leasing firm. In the latter two organizations, the founders of LLC Odyssey-Info (likewise implicated in the Himera data breach “network”) also were employed.
Dmitry Zhuravlev’s contact number is listed by multiple users for Odyssey, Femida, and Himera Search. But this is not the sole connection to the broader operation — the former law enforcement official also co-owns LLC GriFONIKS Invest, together with Stanislav Kirillov from Odyssey-Info (the same Stas_272).
The secondary founder of LLC Femida-Info (holding a 50% stake) is academic competition participant and alumnus Hakan Abulov. According to leaks, he previously functioned as a programmer for a firm that conceived and retains the rights to well-known online games like Allods, Warface, among others. The technical background aligns favorably with the collective.
Reverting to LLC GriFONIKS Invest, which integrates the operators of Femida Search, Odyssey Search, and Himera Search, it is revealed that the company possesses additional co-owners. These encompass another former MUR officer (like Zhuravlev, worked in the 13th department) Alexander Medvedev, and lawyer Ilya Ionov, who is an executive at a local software development enterprise.
The narrative of Himera Search serves as a quintessential instance of how a Russian illicit IT platform, intimately linked to Russian law enforcement agencies, was concealed within a “matryoshka” of international firms. In reality, all its operatives and infrastructure remain inside Russia, entirely “on the inside.” Foreign entities function merely as a facade and as a component of the payment resolution to bypass domestic regulatory bodies. Himera Search operates unreservedly on Telegram, whose founder Pavel Durov instituted anti-doxxing protocols chiefly to eliminate inconvenient Russian intelligence-affiliated channels. The central figures in doxxing perform quite comfortably on Telegram.
