The SecNews highlights on EXCLUSIVITY a major issue with unpredictable dimensions in terms of critical infrastructure security, which will create a sense of feeling.
According to indications identified by the SecNews network research team, Albanians hackers have targeted among others in the last days the Greek Police and its services! Albanoscopic hackers, who are part of a large-scale organized crime group named TetovaHackers, have set up a network of online attacks on Greece, initially targeting the Greek Police or related services.
TetovaHackers have made public on their Facebook page their intention, as we can see in the following message:
View their message translated:
"Announcement: The group of hackers with the name TetovaHackersGroup has been attacked a few days ago by the website of the Greek Police, www.astynomia.gr.
According to Greek media, the hackers team said it could check the site from Tetovo. Greek media contacted emails with the group of hackers tetovahackersgroup@gmail.com with the question "TetovaHackersGroup because you attacked the website of the Greek Police"
The leading member of the TetovaHackersGroup team and press officers, the hacker with the nick name DJ-X @ NI, said about the attack:
We attacked the website of the famous Greek Police because Greek hackers attacked our website in Tetovo. We do not allow hacking of our page by various groups of Skopjans or Serbs, Russians or Greeks. We are defending our Albanian land. Thanks"
Who are TetovaHackers?
SecNews, in collaboration with experts and special security researchers, investigated who is behind the TetovaHackersGroup organized crime group. The group also uses minors who access the Internet on the pretext of protecting Albania. Minors participate in aggressive actions and in this way the perpetrators of the attacks hide their identity, hiding behind low-level users.
From the elements known to date, the leading members of TetovaHackers are based in a small town of 50.000 residents, Tetovo, northwest of Skopje.
The city has a predominantly Albanian population, and is essentially the "unofficial capital" of a disputed area between Albanians and Skopjans, stretching from Tetovo to Debar. The region is also the birthplace of many nationalist Albanian parties, and has one of the highest crime rates in the region, second only to the city of Skopje.
The TetovaHackersGroup as they say on their website, have as main Mission to attack Serbian or Greek infrastructure and protect their country. They also mention that it is not a community, it is not a group but a "family" (see here https://www.facebook.com/TetovaHackersGroupDeface)
Administrator of the TetovaHackersGroup site is the following profile https://www.facebook.com/TetovaHackersGroup
Their founding member has a Communication Group where he announces his attacks here: https://www.facebook.com/groups/337739133005557/
SecNews publishes after research, EXCLUSIVELY, the profiles of the team members involved, which are directly related to TetovaHackers and the attack on Greek targets.
- TheDacooder AL
Profile: https://www.facebook.com/Th3Dac00d3R
- Ditt, zz Ditt, zz
Profile: https://www.facebook.com/r00t.wildd
- Mirjon Janushaj (LoqkaMany)
Profile: https://www.facebook.com/WeedHaXoR
- DEVILC00DE
Profile: https://www.facebook.com/DEVILC00DE
- Mc Alex (Alex Souljah)
Profile: https://www.facebook.com/Injector.Thc
– Silent Hacker's Group (Shg-Cr3w) – Collaborative group
Profile: https://www.facebook.com/sHg.Crew.Albania
- Jetmir Elmazi Domaqini
Profile: https://www.facebook.com/CELLOPEKI
The above seems to act organized under guidance unknown use with the DJ-X @ NI alias and TheDacooder AL - PUSHER and FailHackers, in order to hit her website Of the Greek Police and possibly other Greek critical infrastructure.
It has not been clarified what methodology they use and what attacks are being carried out by Albanianoscopic hackers. Exploring whether it is a group funded by far-right Albanian parties or the Albanian partisan for the purpose of destabilizing blows in the wider region. On the website of the Greek Police they did not appear to have made any changes or their attack was successful, but they appear to have just filed a DDoS for a short time, a few days ago.
But it remains unanswered if the attack is in progress or if they have them possibilities or have used more sophisticated methods (eg Spear phishing attacks, Mission malware / advanced persistent threats) for the purpose of retrieving documents or accessing internal systems.
Studying their previous hits seems to have gained access to a Pero hospital as well as to Greek websites.
The competent national security authorities and law enforcement agencies will be able to investigate with a number of methods, after the publication of the information identified by the SecNews investigation team, what exactly has been targeted by the Albanian hackers and whether the attack is still ongoing or successfully repelled by national security systems.
We estimate that:
- It should be investigated IMMEDIATELY in Albanian-targeted services if malicious e-mail has been sent to addresses that are communicated on the Internet
- In addition, it should be checked whether falsified e-mails or links that lead to malicious software or websites of questionable origin
- It should be tested in the central Internet access systems (Syzefxis proxy servers or others) if there are unauthorized attempts to connect from the internal network to Albanian destinations and mainly during hours of no work.
- Appropriate access restriction filters to suspicious IP addresses should be created
- All system logs should be analyzed for the previous days indicating that the attack occurred (3-4 days ago)
- It is necessary to investigate the specific persons who appear to be involved in the case as well as third persons who have not been identified and are mentioned only by pseudonyms.
Following the release of the issue, unknown by Greek Hackers, they contacted SecNews and said "The Albanians' assault will not remain unanswered and the target group is already targeted and will soon be exposed to their personal information on the internet."
SecNews has placed the above information in order to protect the community as well as to inform the responsible national systems that are allegedly targeted or threatened by attacks by malicious intruders.