Politicians suffered a number of online attacks, while online hatred of vulnerable communities, hacking attacks and online frauds increased across all digital environments.
Political figures targeted in many online spaces
The first half of September saw a flare-up of episodes linked to political motives in different countries.
Serbia, Hungary and North Macedonia are the countries where most such episodes were recorded. This only shows how divisive political clashes and rhetoric remain a major problem in the region.
On September 1, Serbian President Aleksandar Vučić and his sons received death threats via Instagram. A 47-year-old man from Zrenjanin was arrested on suspicion of committing the crime of endangering security in connection with the threats and was placed in pre-trial detention for 48 hours.
Serbian President Aleksandar Vucic attends a joint press conference with Turkish President Recep Tayyip Erdogan (not pictured) in Belgrade, Serbia, 07 September 2022. Photo: EPA-EFE/ANDREJ CUKIC
In Hungary, a deceptive video aimed at an MEP started circulating on Facebook on September 6. A video of a band playing a concert in the Parliamentary Assembly building of the Council of Europe was leaked on Facebook in Hungarian falsely claiming to be showing EU politicians “celebrating their salaries” to “Jewish music” – as European citizens face record energy prices.
In another incident, on September 8, a photo supposedly of former Estonian president and activist Mikk Pärnits wearing a women’s pink dress started circulating on Facebook in Hungarian. The image is actually from a 2020 awards ceremony, where the winner wore a women’s dress to raise awareness about domestic violence and sexual abuse.
North Macedonia is the country where the largest number of episodes have occurred. A photomontage of ex-Finance Minister Nina Angelovska, depicturing her with a plate of cake in the shape of a penis, was published on Twitter on September 2. The author wrote: “Dear viewers, this one was a minister in the cabinet of the bonehead from Murtino.” The “bonehead from Murtino” refers to former prime minister Zoran Zaev.
In North Macedonia, on September 5, a Twitter user posted a print screen of news about a press conference from the President, about the recent security session. Above the print screen, an inscription read: “It occurred to the louse to say that we are bankrupt!”.
Finally, a last incident on September 9 recorded by our monitors saw former PM Zaev being insulted on Facebook, in which Zaev was quoted about a potential referendum. Facebook users used threatening and offensive words about Zaev, such as “Smelly”, “Idiot”, “Shit traitor”, “Traitor soul”, and, “Crazy monster, the only option for you is a knife or a razor and be cut piece by piece.”
Minority and LGBT communities systematically attacked online
Following Serbia’s government ban of the EuroPride 2022 celebration in Belgrade, where right-wing anti-LGBT groups also announced they would march through the Serbian capital, police arrested more than 64 people, after thousands of LGBTQI+ activists turned out for the march, despite the ban.
At the same time, activists and supporters of the LGBT movement, along with various ethnic minorities, were subjected to an increasing number of online attacks on social networks.
A participant during the EuroPride march in Belgrade, Serbia, 17 September 2022. Photo: EPA-EFE/ANDREJ CUKIC
At the end of August, for example, Serbian filmmaker Stevan Filipović and actor Viktor Savić argued on social media about the holding of the EuroPride in Belgrade. The argument ended a friendship of almost 15 years. After the debate, Filipović shared threatening and insulting messages from Savić’s supporters on Instagram.
North Macedonia also saw anti-LGBT incidents. On September 5, a Twitter account posted: “You open your timeline, and what can you see? all the faggots jumping on your dick from early morning. Fuck off, I have romance to tweet about, fuck you, you ass- fucking tribe”. Other users also used similar insulting and threatening words.
Meanwhile, both the country’s Albanian and Roma communities were repeatedly attacked and abused in North Macedonia’s digital environment. Most incidents occurred on Twitter. One user on September 2, addressing the Albanian minority, wrote: “Shiptars, hippers, who don’t pay electricity, don’t pay, will some cheap electricity be able to boil beans for us on Friday?” The following day, another user on Twitter published a post with a picture of a parking ticket from City Mall in Skopje written only in Albanian. Above the picture he wrote: “Boycott Skopje City Mall, they only give receipts in ‘shiptar’ language”.
“Shiptar” is a highly insulting term for Albanians.
Between 16 and 18 September, three different episodes were also recorded on Twitter. First, while sharing a headline from a media outlet that refers to the appointment of ambassadors from North Macedonia, a Twitter user wrote: “Shiptars are messing with the whole country” and referred to “servants of the Shiptar mafia”.
Another Twitter user, referring to reports that the state administration will be filled with Albanians from the diaspora, wrote: “We’ve returned the shippers from the diaspora”. Finally, another Twitter account wrote an offensive post with hate speech towards Albanians, saying that he does not know any country “that loves Shiptars as a minority.
Data leaks, hacking attacks and online scams also recorded
Serbia, Romania, Bosnia, Hungary, and North Macedonia were all hit by cyber-fraud incidents in recent weeks. In fact, cyberattacks targeting IT systems in the whole region continue to endanger many institutional and private actors due to the absence of a prevention system and a political strategy for this purpose.
A source code on a computer in Taipei, Taiwan, 13 May 2017. Photo: EPA-EFE/RITCHIE B. TONGO
On September 4, personal data of more than 500,000 citizens collected since 2008, such as names, surnames, addresses, emails and dates of birth, from a Serbian employment website called Lako do posla were leaked online.
Initial analysis by cybersecurity experts said the data may have been extracted from the database using a security vulnerability on the website. Meanwhile, the Facebook page of the Bosnian online outlet Gracija was hacked last September 7. The announcement of the new edition of the online media was changed into vulgar and misogynistic words. Editors immediately removed the content. Gracija reported: “The cover could have been the reason for this incoherently written insult”. It said it would not censor its content, however, to show what “dirty games” take place during the pre-election period.
In Romania, several online attacks also occurred. A media website from Vaslui, a county on the border with Moldova, was the target of a Flooding/Denial of Service attack. The attacks don’t seem connected, as the IP addresses involved in the attack on the local media outlet were mostly from Asia, while G4Media was targeted through IP addresses mostly from the US. The local media website was left unavailable for more than an hour during the DDoS attack. At the same time, on September 8, G4Media, a Romanian online media known for investigative pieces on the judiciary, was the target of a massive Flooding/Denial of Service DDOS attack. The newsroom said the unknown attackers were likely targeting an investigative piece on a probe into how the judiciary system silenced plagiarism accusations against PM Nicolae Ciuca.
In Hungary, UniCredit Bank issued a warning that fraudsters are acting as buyers for a product advertised on the internet and asking for the sellers’ banking details (internet banking ID/password/banking activation code) by referring to a mail order service.
The information they obtain is then used to make unauthorised credit card purchases and transfers. Another hacking episode was recorded in North Macedonia, where the website of the Ministry of Education and Science was hacked by a Greek hacker group.
The attackers posted their text on the website: “Hacked by the Greek hacker team Netwatchers”. After the attack, the ministry insisted citizens’ data was not at risk.