Iran-Friendly Hackers Carried Out Disruptive Attacks on Albanian Government Websites
Nomad says attackers who return 90% of stolen funds will be considered 'white hat,' Russian national who profited from cybercrime extradited to U.S., Bitter APT has spied on thousands, much more
Mandiant researchers say that hackers working to further the Iranian government’s goals, angry over the Iranian opposition group Mojahedin-e Khalq’s (MEK) upcoming conference in Albania, carried out disruptive cyberattacks on Albanian government sites last month.
The attacks, which forced the government of Albania to shut down online access to multiple government services, may have used a previously unknown backdoor called ChimneySweep and a newly discovered ransomware tool known as RoadSweep against the government systems.
In addition, the day after the initial attacks, malware known as ZeroClear, previously linked to Iranian hackers, was uploaded to a public malware registry. It’s unclear whether that sample was used as part of the July 17 attack, but a video uploaded to a website claiming responsibility for th…