Russian Hacker Group ‘NoName75’ Attacks Banks in Romania

A massive DDOS attack affected several banks in Romania on Friday, March 15. As bank representatives announced, the attack was initiated by the hacker group NoName75.

We detected malicious traffic and took measures to restrict it. We had no negative impact on accounts, data, or infrastructure security. We are monitoring the situation and are 100% operational. It was a DDoS attack that targeted several large banks. It came from a pro-Russian group involved in a similar situation in Ukraine. Her name is NoName75.

BCR representatives to Romanian local platform Economia

Apparently, three banks operating in Romania suffered from the attack: BCR, a subsidiary of Austrian Erste Bank; the Romanian Banca Transilvania, which entered the top three by brand strength this year; and Alpha Bank. All banks communicated that they acknowledged the attack and took immediate measures to reinstate the functionality of their applications for clients.

Before the attack in Romania, NoName75 attacked other banks in Ukraine. However, there is no news regarding the potential loss in bank clients’ accounts.

Despite measures taken to protect the infrastructure by specialized institutions, including the European Cybersecurity Competence Centre in Bucharest, Romania proves it is highly vulnerable to outside DDOS or ransomware attacks. As we warned, this is not the last attack of foreign hackers.

The same or similar groups stole 250 GB of data from the Romanian Parliament’s servers in January, including Prime Minister Marcel Ciolacu’s ID. In February, there was a massive ransomware attack on Romanian hospitals, and the attacks will continue.

Meanwhile, the Romanian Antivirus company, now a global leader, won significant prizes in AV competitions. Does anyone notice in Romania?

Why is Bitdefender the best antivirus, a multiple-prize winner, and appreciated worldwide but not in its own country? We’re not advertising here; we’re just puzzled by this paradox. As politicians often mention, a country that pretends to be a regional cybersecurity hub cannot offer protection for its own institutions and banks.

Studies show that each attack financially impacts the vulnerable organization, starting from USD 50,000 and reaching USD 1 million in some instances. A massive ransomware attack on all hospitals in a country can have a much more significant impact.

Will Romania ever wake up from this nightmare and start protecting institutions and companies operating on its territory, or will it let all the individuals and organizations operate their own countermeasures to prevent any DDOS and ransomware attack? If not, at least politicians shouldn’t mention the country being the “regional cybersecurity hub” they pretend it to be.