DDoS Attack on Bulgarian Websites Traced Back to Russia

Bulgarian websites are facing a DDoS attack suspected to be done by Russian hackers. The deputy chief prosecutor and director of the national investigation, Borislav Sarafov told news reporters that the attack came from the city of Magnitogorsk in the Russian Federation. The cyber-attack was made on October 15 and impacted the systems of the Bulgarian government ministries’ website, the presidency, the National Revenue Agency, airports, banks, and some media and telecommunications companies. 

Despite the attack on several Bulgarian states, government, and private sector websites, Bulgarian authorities confirmed that no data was compromised. “We will try to identify all those involved in this hacker attack and bring them to court in Bulgaria if Russian judicial authorities respond and they are extradited. If not, we will try them in absentia,” Sarafov told reporters. 

Ivan Geshev, the chief Bulgarian prosecutor, stated that the attack was not targeted toward the presidency but the Bulgarian state, as per a report. Several authorities are investigating the DDoS attack. 

Following the DDoS attack, the prosecutor’s office informed the national security and investigation agencies to investigate the situation. 

In April 2022 the Bulgarian state postal service suffered a crippling cyber-attack from suspected Russian agencies. The virus and malware were traced back to Russia, and the attack type also confirmed the origins. The Bulgarian government made its stance clear by declaring that it will not make any ransom payments.  

Suspicion of Russian connections was drawn also because of the use of Delphi software, which is used mostly by users in the Russian Federation. Delphi software was used to circumvent the security measures put in place to protect the attacked systems. 

As per reports, Russian hackers have been targeting social media accounts of state institutions and other websites in Southeast Europe. Montenegro’s national security agency was hit by a cyber-attack on August 26. The government servers were forced to work offline for over a month due to the attacks.  

There have been speculations and questions raised about the cyber-attacks having any link to the Crimean bridge attack. The bridge was damaged following a blast that occurred on October 15. The Russian government has declared that it will try to finish the repair work of the bridge that links annexed Crimea to Russia by July 2023, as per a BBC report.