Iran-linked cyberattack halts Albania's parliament

Iran-linked cyberattack halts Albania's parliament

Albania's Parliament has been temporarily halted due to a cyberattack where intruders attempted to breach the government servers and wipe all data.

According to the government’s statement, the attackers have not been able to gain access to the data. Currently, the incident is being investigated, with cyber experts working to determine the possible consequences of the attack.

Reports from local media indicate that a cellphone provider and an air flight company were also targeted by cyberattacks allegedly carried out by an Iranian-based hacker group known as Homeland Justice.

In July and September 2022, Albanian government infrastructure was targeted in a series of destructive cyberattacks attributed to the same Homeland Justice hackers that destroyed data and caused disruption to essential government services.

The intruders acquired initial access to the victim’s network approximately 14 months before launching the attack, which included a ransomware-style file encryptor and disk-wiping malware. The actors maintained continuous network access for approximately a year, periodically accessing and exfiltrating e-mail content.

Following the hack, the Albanian government severed diplomatic relations with Iran and even considered invoking NATO’s Article 5 declaration, which could have pulled all member states into confrontation with Iran.


Back to the list

Latest Posts

Russian hackers target Microsoft accounts with ‘Device code’ phishing attacks

Russian hackers target Microsoft accounts with ‘Device code’ phishing attacks

The Russian threat actors leveraged social engineering techniques to impersonate individuals from prominent institutions.
17 February 2025
Cyber Security Week in Review: February 14, 2025

Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more.
14 February 2025
Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

The 'BadPilot' campaign involves a series of targeted cyberattacks leveraging bugs in widely used IT infrastructure software.
13 February 2025