Montenegro was allegedly hit by the Cuba Ransomware gang, while online frauds and phishing scams occurred elsewhere throughout the region.
Cuba Ransomware and other cyber-attacks rock region
In November 2021 the FBI initially identified the so-called “Cuba ransomware”, accused of compromising as many as 49 public and private entities by encryption techniques targeting data with the unique “cuba” extension. Cuba ransomware perpetrators have demanded at least US $74 million and have received at least US $43.9 million in ransom payments so far.
In the region, Montenegro was hardest hit by cyberattacks lately. As BIRN has reported, the IT systems of Montenegro’s public administration have been offline since August 22 and, after initially blaming alleged Russian hackers, authorities now do not exclude the possibility of the Cuba Ransomware’s involvement. Public Administration Minister Marash Dukaj has directly accused the criminal group linked to the Cuba Ransomware of responsibility.
A digital screen displays a live cyber hack attack during a press conference at the Federal Criminal Police Office (BKA) in Wiesbaden, Germany, 11 November 2019. Photo: EPA-EFE/RONALD WITTEK
Beyond that worrying case, cyberattacks and other online frauds occurred all over the region. In North Macedonia on August 26, after a prize game recently appeared on Facebook through the fake profile “Technomarket Fans”, Technomarket, the Bulgarian retailer of consumer electronics, warned that the prize and the website were fake and aimed to lure users into an online scam. As part of a supposed raffle, the scammers claimed to be giving away vouchers for 670 fridges and cookers.
In another incident, on August 21, a man was defrauded online of over 130,000 denars (around 2,000 euros) after he publicly appealed for humanitarian aid from citizens to rebuild his ruined house.
Public institutions continue to be victims of incidents of falsification and impersonation in the online world. In Hungary, fraudsters misused the name of the police, sending mass emails in the name of the Police Department of Budapest with malware attached.
According to the real police, a malicious file with an XLL extension was sent to citizens claiming to be a police officer seeking a price quote from the recipient’s company and asking them to open the attached document.
At the same time, in Serbia, a phishing scam targeted a number of Serbian Post users. Serbian Post warned citizens of the attempted fraud and urged them not to be tricked by the fake emails. Serbian Post stressed that it never contacts citizens in this way.
Meanwhile, in Bosnia, on 22 August, two Ukrainian citizens were convicted of international cybercrime in what is the first such sentence in the country. The two were arrested and accused of organized crime concerning computer fraud after taking out 100,000 KM (around 50,000 euros) from a 24 Sberbank BH ATM. Investigators were unable to intercept about 2.5 million KM (around 1.25 million euros) which they seem to have exported abroad, most likely to their country of origin.
Hate speech targets the Albanian minority in North Macedonia
Our latest review of the violations that took place in the first half of August highlighted that the Bulgarian minority in North Macedonia is not fully integrated into the socio-cultural context of the country. The much larger Albanian minority has meanwhile been frequently attacked on North Macedonian social networks, which further demonstrates how internal ethnic tensions are being exacerbated by far-right propaganda on the web.
An Ethnic Albanian waves Albanian flag in front of the cordon of police officers during the protest following a court decision in Skopje, North Macedonia, 26 February 2021. Photo: EPA-EFE/NAKE BATEV
Our monitors recorded widespread usage on North Macedonian social networks of the highly derogatory and insulting term “Shiptar” to target the Albanian minority. As Albanian commentator Butrim Gjonbalaj explained, “Skiftar, Siptar, or Shiptar was a derogatory term used by Yugoslavians to insult Albanians and basically the equivalent of calling people of colour the N-word.”
The slur was the subject of a Belgrade court ruling in Serbia in December 2020, following an appeal from Ragmi Mustafa, the head of the Albanian National Council, against Serbian Interior Minister Alexandar Vulin who used the slur on multiple occasions. However, the court ruled that while the term is offensive, “it does not represent an idea, information or opinion that incites inequality, violence and hatred”.
On August 25, a Twitter user, addressing North Macedonia’s ethnic Albanian minority, wrote: “Why don’t we, like the Shiptars, start not paying for electricity!” Along the same line, a Twitter account posted that he “got into a fight with a ‘shipper’”, which was followed by several users also using derogatory words about ethnic Albanians in North Macedonia. On August 23, following a tweet published by a university professor, who had criticized the government, a Twitter user replied that the country’s large ethnic Albanian minority had to be eliminated. The user said: “Only a general popular uprising can remove them from power”.
Another user, commenting on a post published on 22 August that read: “NATO today with the symbolic low flight of a B-52: This territory must not be tampered with by anyone. This is what we fought for, friends,” wrote: “No one is allowed to touch it, except for Shiptari, Bulgarians and Greeks.”
A further incident saw the online media Plusinfo.mk publishing an article titled “What awaits the Albanians?” aimed at targeting the Albanian minority. “They know their dream of Greater Albania will never come true!” it commented, adding other derogatory phrases that accused the country’s Albanians of being stateless and of working against the country. Another accusation made in the online media is that Albanians are political spies whose sole aim is to destroy Macedonian identity, state and culture.
Online gender-based violence hits the Romanian digital environment
Women continue to be targeted online by incidents of misogyny, sexism and other cases of gender hatred. Cyberviolence against women is confirmed to be a worrying trend in various digital environments. In the second half of August, Romania recorded several episodes of this kind.
Women with their eyes covered with violet scarfs participate in a flash mob in front of Romania’s Internal Affairs Minister in Bucharest, Romania, 01 March 2020. Photo: EPA-EFE/BOGDAN CRISTEL
On August 26, Andrei Selaru, aka Selly, the most popular Romanian vlogger on YouTube, became the target of online harassment after appearing in a video promoting the Romanian Army. The video, published on the Defence Ministry’s Facebook page, ignited a public debate on the way influencers cash in on public money. Journalists accused Selly of being paid for an “unprofessional campaign”, although he had collaborated for free.
In another incident, recorded on August 19, two Bucharest policewomen were attacked online after a picture taken of them without their consent went viral on Facebook. In the photo, the two women appear to drink coffee and smoke cigarettes in front of a police station in Bucharest. But what sparked the intense backlash was that the two policewomen were wearing full make-up. “These girls are some stripers, caught while preparing for a stag party,” wrote one Romanian on Facebook. Another was quick to assume that the two police officers were uneducated and had not studied at the Police Academy. “Wearing jewellery instead of police equipment. Instead of safety and protection, they offer us style,” said another Romanian.