Albanian parliament, telecom company hit by cyberattacks

Jason Macuray
The Albanian parliament and a telecom company operating in the country were targeted by cyberattacks this week

The Albanian parliament and a telecom company operating in the country were targeted by cyberattacks this week, the country’s cyber agency said in a statement.

According to the agency, the attacks originated from outside Albania and country’s tech experts “are currently working to recover the affected systems and analyze the tactics and techniques used by the threat actors involved in the attacks.”

Earlier this week, local media reported that during the attack on the parliament, hackers attempted to interfere with the infrastructure and delete data but were unsuccessful.

The attack hasn’t been attributed to a specific threat actor and the Albanian parliament did not respond to a request for comment by the time of publication.

On Monday, the Iran-linked hacker group known as Homeland Justice claimed responsibility for the cyberattack on the Albanian parliament, as well as two local telecom companies and Albania’s flag carrier.

In a post on Telegram, the hackers claimed to have stolen data from the targeted systems, warning its victims to “expect the worst.” The group’s claims could not be independently verified and the targeted companies have not responded to a request for comment.

The attacks are a possible retaliation for Albania sheltering members of the Iranian opposition group Mujahedeen-e-Khalq, or MEK, in the Albanian county of Durrës — the hackers named their campaign “Destroy Durres Military Camp.”

In a statement sent on Tuesday to The Associated Press, MEK’s media spokesperson Ali Safavi claimed the reported cyberattacks in Albania “are not related to the presence or activities” of MEK members in the country.

Earlier in July, Albania suffered a major cyberattack attributed to Iran that forced the country to close access to online public services and other government websites. Homeland Justice hackers claimed responsibility for that attack as well.

Researchers at Mandiant, who analyzed the attack, said that they didn’t have enough evidence to link the attack to this specific threat actor, but said they have “moderate confidence” that one or multiple Iran-linked groups were involved in the operation.

Two months after the attack, Albania severed diplomatic ties with Tehran in response to the attack, while the U.S. imposed sanctions on Iran’s primary intelligence agency.

“We will not tolerate Iran’s increasingly aggressive cyber activities targeting the United States or our allies and partners,” said the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) in a statement.

In September, Albania reported that hackers linked to Iran’s government targeted computer systems used by the national police to track individuals entering and leaving the country. The attack prompted authorities to shut down computer control systems at border crossings and airports.

A spokesman for the Iranian Ministry of Foreign Affairs denied at that time that the country had been involved in any attack targeting Albania, calling the accusations “baseless” and “unproven.”

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Entertainment giant National Amusements says more than 82,000 affected by cyberattack

Next Post

First American says funds secure despite cyberattack

Related Posts

Google Chrome Adds V8 Sandbox – A New Defense Against Browser Attacks

Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox
Read More

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look
Omega Balla
Read More

Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts

The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. If convicted, they face up to 15 years in prison. The accounts, authorities said, were
Siva Ramakrishnan
Read More