Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Romania ’s election systems hit by 85,000 attacks ahead of presidential vote

Romania ‘s election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election. Romania ‘s Intelligence Service revealed that over 85,000 cyberattacks targeted the country’s election systems. Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days […]

Oltenia Energy Complex

Romania ‘s election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election.

Romania ‘s Intelligence Service revealed that over 85,000 cyberattacks targeted the country’s election systems.

Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days before the presidential election.

“The intelligence service also said access data for official Romanian election websites was published on Russian cyber crime platforms. The access data was probably procured by targeting legitimate users or by exploiting the legitimate training server, the agency said.” states Reuters. “It added that it had identified over 85,000 cyber attacks which aimed to exploit system vulnerabilities.”

Moscow has denied any attacks on the Romanian electoral systems.

“The attacks continued intensively including on election day and the night after elections,” the Romanian Intelligence reported in a declassified document. “The operating mode and the amplitude of the campaign leads us to conclude the attacker has considerable resources specific to an attacking state.”

Declassified documents from Romania’s security services revealed that Calin Georgescu, the pro-Russian presidential candidate, was “aggressively” promoted on TikTok through coordinated accounts and paid ads.

Calin Georgescu, initially polling in single digits before Romania’s Nov. 24 presidential election, surged to victory, raising suspicion

On December 6, 2024, Romania’s Constitutional Court, citing Article 146(f) of the Constitution, unanimously annulled the entire presidential election process due to concerns about fairness and legality. The annulment affects both the election date set by Government Decision no. 756/2024 and the implementation calendar approved by Government Decision no. 1061/2024. The Court ordered a complete restart of the electoral process, requiring the Government to set a new election date and a corresponding action plan. The decision is final, binding, and will be published in the Official Gazette.

Romania’s intelligence agency also warns that the country’s election systems are still vulnerable and threat actors could compromise them again.

Bleeping Computer revealed that threat actors carried out SQL injection and XSS attacks from over 33 countries. Another report exposes an influence campaign where over 100 Romanian TikTok influencers, with 8M+ followers, were paid to promote pro-Russian candidate Calin Georgescu, receiving $100+ for every 20,000 followers.

Romania’s Foreign Intelligence Service (SIE) believes Russia targeted the country as part of broader efforts to influence democratic elections in Eastern Europe. Moscow views Romania as an “enemy state” due to its support for NATO and Ukraine. These influence operations include propaganda, disinformation, and support for eurosceptic agendas, aiming to shape public opinion to Russia’s advantage. While Russia’s direct role in recent attacks and campaigns in Romania isn’t explicitly confirmed, the analysis highlights its history of election interference elsewhere.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Romania election)