Compromiseseverity: High2022-07-15

Homeland Justice persona disrupts Albanian government IT under MOIS direction

published by Check Point Research

Actor

Iranian state-sponsored intrusion set publicly attributed to the Ministry of Intelligence and Security (MOIS), specialised in destructive operations and conducting them under a rotating set of public…

Summary

In mid-July 2022 destructive intrusions disrupted Albanian government services and the Total Information Management System (TIMS) used at border crossings, claimed via the 'Homeland Justice' leak site. Albania severed diplomatic relations with Iran in September 2022, and subsequent vendor reporting (Microsoft, Check Point, Mandiant) attributed the destructive component to the MOIS cluster now tracked as Void Manticore / Storm-0842, with initial access handed off from Scarred Manticore.

Primary source

research.checkpoint.com

Other Void Manticore events

2024-05-20Check Point documents Void Manticore / Scarred Manticore MOIS handoff
2024-05-20Check Point Research details Void Manticore wipers and Karma persona

Summary

Tags

Primary source

Other Void Manticore events