Europe News

The pro-Russian hacktivist groups "We are Clowns" and "Phoenix" have jointly stated in a statement that they will target the Russian region of Dagestan in future attacks. The reason for these attacks is that Dagestan is contesting the war in Ukraine and if the government cannot stop it, they will. The threats made by pro-Russian hacktivists against parts of their own country are evidence of the disorganization of some cyber groups and the possible laissez-faire attitude of the Russian government towards the repression of dissent in Russia itself.  Read more about it : here

On 3 November 2022, the computer systems of the Office Hydraulique de Corse were hit by a ransomware attack. All network and computer systems were blocked and a ransom was demanded without the amount being communicated to the public. According to the office's press release, 33 servers were affected by this attack. No details on the group behind the attack have been released yet. The impact of this attack is potentially severe. Indeed, if these computer systems are completely locked, it is likely that some of the water services management systems will be difficult to use or even unusable, forcing the management teams to work in a degraded manner.  Read more about it : here

According to officials at the Swedish website val.se, the site faced serious technical problems as a result of DDoS cyber attacks from 10 to 11 September.   The head of the authority's secretariat said on 11 September: "There have been three DDoS attacks against val.se, one yesterday and two today. The most recent one is still ongoing.  During the elections, the Swedish regional governments also reportedly experienced problems with their telecommunication facilities, but this did not disrupt the elections or their outcome.  Read more about it : here

According to the cyber media, the cyber actor PoCExploiter has announced that the telecommunications operator Vodafone Italy has had approximately 309 gigabytes of data stolen. This data may already be exposed on the net, although no information is available at the moment to confirm this. Read more about it : here

On 14 September 2022, LockBit 3.0 claimed responsibility for a ransomware attack on the French online company artdis.fr. The company specialises in express delivery throughout France and Europe, storage, order picking and redistribution. The data will be released on 29 September if the ransom is not paid.  No information on the nature of the data has yet been provided.  Read more about it : here

The company OrangeCyberFR has confirmed the publication of a file containing the personal information of several hundred French customers, which is currently being sold on a deep web forum.  Read more about it : here

According to the CyberKnow media, the pro-Russian hacktivist group called "noname05716" has claimed responsibility on its telegram channel for a series of cyber attacks on Lithuanian government websites, presumably in response to Lithuania's anti-Russian policies. These attacks continue to be part of large-scale cyber campaigns organised by pro-Russian groups in order to affect the morale of the populations of opposing countries such as European countries.  Read more about it : here

Dutch police have arrested a 39-year-old man accused of laundering crypto-currencies worth tens of millions of euros. The suspect allegedly used phishing lures to deploy data-stealing malware on victims' computers. In the early morning of 6 September, the suspect was arrested in the village of Veenendaal for money laundering, based on police tracking of bitcoin transactions.  "The funds were stolen using a malicious software update claiming to be from the Electrum open source wallet," according to the press release According to the release, law enforcement was able to track the suspect by following the stolen cryptocurrencies using a malicious software update for the Electrum wallet, a popular open source Bitcoin wallet application that allows users to safely manage their digital assets.  Read more about it : here

The RagnarLocker ransomware group has finally disclosed the personal information of around 9,000 customers of TAPAir, the Portuguese airline, including customers' names, dates of birth, addresses, nationalities, genders, emails, loyalty IDs and phone numbers. No information has been released about any ransom negotiations.  Read more about it : here

Le petit pays des Balkans ciblé par des cyberattaques. Des institutions gouvernementales du Monténégro ont été visées samedi 27 août et depuis la veille par une importante attaque informatique. Certains responsables y voient la main de la Russie, même si le Premier ministre, Dritan Abazovic, reste prudent sur l'origine de cet acte. Il s'agit de la deuxième cyberattaque en une semaine, après une première vague ayant frappé des institutions du pays, dans la foulée d'une motion de censure qui a renversé son gouvernement le 19 août. Read more about it : here