Tech News

Iranian Hackers Are Causing Disruptive Cyberattacks Against the Albanian Government

By Abdul Wahab
Iranian Hackers Are Likely Causing Disruptive Cyberattacks Against the Albanian Government

The cybersecurity firm, Mandiant, has reported that the malicious activity against a NATO state, Albania, indicated a geographic expansion of Iranian disruptive cyber operations. 

The attacks that occurred on July 17, forced the government to take serious actions, which included temporarily closing access to online public services and other government websites. According to Albania’s National Agency of Information Society, these steps were necessary because they had suffered a sophisticated and synchronized cybercriminal attack that originated outside Albania’s borders.

Mandiant reports that this was a politically motivated disruptive operation, which deployed a new ransomware family called ROADSWEEP. This ransomware family came with a ransom note that read: Why should our taxes be spent on the benefit of DURRES terrorists?

A group with the front named HomeLand Justice has claimed credit for the cyber offense and allegedly claimed that they used a wiper malware in the attacks. The exact nature of the wiper is still unclear, but according to Mandiant, an Albanian user submitted a sample for a ZeroCleare on July 19. Therefore, coinciding with the attacks.

ZeroCleare is designed to wipe the MBR or the master boot record and disk partitions on a Windows-based machine. IBM first documented it as it was a part of a campaign that targeted industrial and energy sectors in the Middle East. It is believed that ZeroCleare is a collaborative effort between multiple Iranian nation-states. 

In the Albanian attacks, the actors also deployed an unknown backdoor named CHIMNEYSWEEP. This backdoor was capable of many actions, including listing and collecting files, taking screenshots, spawning a reverse shell, and even supporting keylogging functionality.

Mandiant, which was acquired by Google recently, notes that they did not have enough evidence to link the intrusion to a named adversarial collective, but they were moderately confident in the fact that one or more nefarious actors were operating in support of Iran’s objectives.

Read also:

Related posts:

Spider-Man 2 Brings Back Loved Costume Designs
Realme 10 Pro Plus to launch globally with Dimensity 1080SoC
Netflix Launches Game Handles for Its Mobile Games in an Effort To Diversify Itself
Xiaomi 13 Pro Finally Gets a Launch - Impressive Cameras, Better Charging, and a Brand New Chip

By Abdul Wahab

Abdul Wahab is a Software Engineer by profession and a Tech geek by nature. Having been associated with the tech industry for the last five years, he has covered a wide range of Tech topics and produced well-researched and engaging content. You will mostly find him reviewing tech products and writing blog posts. Binge-watching tech reviews and endlessly reading tech blogs are his favorite hobbies.

Related Post

Tech News

New X-Men Skins May Be in Store for Fortnite

Abdul Wahab
Tech News

Hogwarts Legacy Sidequest May Hint at a Possible Sequel

Bethany Wilson
Tech News

Infection Free Zone is Gaining Traction

Bethany Wilson

You Missed

Reviews

Host4Geeks Review

Latest Articles

5 Best eGPUs – Add Graphics Power to Your Laptop

Reviews

AzireVPN Review

How-tos & Tutorials

How to Uninstall NordVPN on Windows

Show Buttons
Hide Buttons