American company says pro-Iranian hackers likely behind cyber attack on Albania

TIRANA, August 5 – The cyber attack that temporarily shut down many Albanian government digital services and websites in mid-July was likely the work of pro-Iranian hackers aiming to disrupt an Iranian opposition group’s conference in Albania, “Mandiant”, one of the leading American companies dealing with cyber security issues, said on Thursday. The news was announced by VoA , which has also published the report of this company.

In a report the company expressed a “cautious belief” that the attackers had acted in support of Tehran’s efforts against dissidents, based on several factors: the timing, content published on a social media channel used to claim responsibility for the attacks of this nature and similarities to the virus program code that has long been used to target Farsi and Arabic speakers.

The July 23 and 24 conference by the Iranian opposition group Mujahedeen-e-Khalq was canceled after warnings from local authorities of a possible terrorist threat. About 3,000 Iranian dissidents from this group, known mainly as the MEK, live in the Ashraf 3 camp in Manza, 30 kilometers from Albania’s capital, Tirana.

A group calling itself “Homeland Justice” claimed responsibility for the cyber attack, using viruses aimed at extortion for financial gain, but which are increasingly being used for political purposes, particularly by Iran.

The claim by “Homeland Justice” was made on a channel of the Telegram application, in which documents were posted that were supposed to be residence permits in Albania of MEK members, along with footage showing the activation of the virus program. The channel claimed corruption in the Albanian government and used hashtags including #ManzĂ«.

A few days ago, the Albanian government said that the hacking method was identical to last year’s attacks in other NATO countries, including Germany, Lithuania, the Netherlands and Belgium.

On Thursday, Albanian government said most of the damages caused by the hackers were repaired and government digital services and websites have started work.