Today > vulnerabilities   -   You can now download lists of IOCs here!

Operation MiddleFloor: Disinformation campaign targets Moldova ahead of presidential elections and EU membership referendum

Oct. 10, 2024, 12:39 p.m.

Tags
phishing
disinformation
elections
2024-10-10
moldova
eu referendum
email spoofing
lumma infostealer
External References
Description

A cyber-enabled disinformation campaign called Operation MiddleFloor is targeting Moldova's government and education sectors ahead of crucial elections and an EU membership referendum. The campaign, attributed to a Russian-speaking group named Lying Pigeon, uses spoofed emails and documents to spread anti-European and anti-government narratives. It exploits sensitive topics like gas prices, LGBT issues, and migration to influence public opinion. The operation also collects data on victims, potentially for future targeted attacks. Lying Pigeon has been linked to previous disinformation efforts across Europe, including activities around the 2023 NATO summit in Lithuania and Spanish elections. The group's sophisticated approach combines influence operations with information harvesting, posing a significant threat to Moldova's political stability and European democratic processes.

Date

Published: Oct. 10, 2024, 11:18 a.m.

Created: Oct. 10, 2024, 11:18 a.m.

Modified: Oct. 10, 2024, 12:39 p.m.

Indicators

fb9105dc73a52d36a612157536322a7d3630c813f6acf1b997b370cfd768118c

d1b285fbe249349ae167052d81b4ab5d7e78c14e1ae617ef0985cc101a119d82

c8c3bcdb856b9acffa853124ed13a0cc96641691233004cbe9bf8e018edb8f1b

9a06192d3d922b1e4c404d2c9bac43d3315040635c472257c7a28f51b078ccfe

5c34498dfab981a4d9fb2b898d4e965ae7378e066bbf01ae29bc61adf1a66b2d

4df435afa20401e3af2d17bf8dd67a9d8553520e29cc05905fc9458b8e81ce8f

0e295605cfb9d922ff94d38cad5743da9e3d7d8feddee7b42ca3e2314133a0f0

83.69.236.72

62.106.66.90

51.38.145.50

45.143.167.163

45.133.148.35

38.180.59.182

185.255.132.69

194.61.121.74

185.251.88.12

176.124.33.59

194.61.121.131

http://europa-eppo.eu/forms/3946275

gotohends@inbox.eu

mail.mailos.ru

mail.mailorun.su

mail.mailogon.online

autodiscover.te-storg.com

autodiscover.sapsap.site

autoconfig.te-storg.com

autodiscover.mailorun.su

autoconfig.sapsap.site

autoconfig.mailorun.su

vilnius-summit.lt

viilnius.lt

urm-lt.com

te-storg.com

sso-log.com

socialistii.com

socialisti.md

social-moldova.md

sapsap.site

pass-check.online

otllook.com

noname05716.ru

nnmnnm.ru

nask-pl.com

moldova-social.md

moldova-mediu.md

moldova-energie.md

mec-gov.md

md-mec.com

mcgov.md

mc-md.com

mailos.ru

mailorun.su

mailgon.online

litexpo-portal.lt

ivention.pl

isw-org.pl

interior-gov.es

gov-md.com

golebewski.pl

freepresunlimited.org

europa.study

europa.social

europa-eppo.eu

europa-ec.eu

eupm-moldova.md

energie-gov.md

comunicacion-presidencia-gov.es

comunidad-madrid.es

cert-pl.pl

Download all indicators here!

Attack Patterns

Lumma Infostealer

Lying Pigeon

T1585

T1589

T1586

T1588

T1608

T1583

T1598

T1592

T1584

T1566

Additional Informations

Education

Government

Lithuania

Poland

Spain

Moldova, Republic of