Metacurity

Iran-Friendly Hackers Carried Out Disruptive Attacks on Albanian Government Websites

Nomad says attackers who return 90% of stolen funds will be considered 'white hat,' Russian national who profited from cybercrime extradited to U.S., Bitter APT has spied on thousands, much more

Cynthia Brumfield
Aug 5, 2022

Mandiant researchers say that hackers working to further the Iranian government’s goals, angered by the Iranian opposition group Mojahedin-e Khalq’s (MEK) upcoming conference in Albania, carried out disruptive cyberattacks on Albanian government sites last month.

The attacks, which forced the government of Albania to shut down online access to multiple government services, may have involved a previously unknown backdoor called ChimneySweep and a newly discovered ransomware tool known as RoadSweep.

In addition, the day after the initial attacks, malware known as ZeroClear, previously linked to Iranian hackers, was uploaded to a public malware registry. It’s unclear whether that sample was used as part of the July 17 attack, but a video uploaded to a website claiming responsibility for th…
