Iranian threat actor targets the Albanian government using ROADSWEEP ransomware
Iranian threat actor targets the Albanian government using ROADSWEEP ransomware
Threat Level
Attack Report
For a detailed advisory, download the pdf file here
Summary
A cyberattack that took place in mid-July momentarily disrupted various Albanian government services and websites and was most likely the work of Iranian hackers. The attack used a new ransomware family called ROADSWEEP, an unknown backdoor CHIMNEYSWEEP and a new variant of the ZEROCLEAR wiper.