home.social

#apt73 — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #apt73, aggregated by home.social.

  1. I may have to add Moldova to my list of countries I may not be able to visit. I just posted a two-fer involving two of their government portals:

    databreaches.net/2026/02/19/da is about a long-time IDOR incident that exposed the personal info of everyone who ever used the govt portal to apply for a job. The vulnerability was brought to my attention by a student who was frustrated with his government's lack of response to his attempts to get them to address it.

    and

    databreaches.net/2026/02/19/le discusses an alleged hack by Bashe Team of another portal used by Moldovan residents to apply for energy compensation.

    In May 2025, the government had denied claims that access to the compensation portal had been sold. "No evidence.... smoke and mirrors... " they claimed.

    Fast forward to January 2026, and data from that portal and timeframe was leaked after Bashe Team claimed to have hacked it. But while the data appear to be real, Bashe Team's claims about how and when they acquired it didn't check out.

    Bashe Team seems to be allergic to telling the truth about their listings. @cloudsek noted their less-than-honest claims in 2025; DataBreaches.net notes it now, and @amvinfe has also noted it in his new reporting on #SuspectFile.

    #databreach #leak #vulnerability #cariere #compensatii #govsec #cybersecurity #Bashe #APT73 #Eraleign

    @campuscodi @euroinfosec @lawrenceabrams

  2. ๐ƒ๐จ๐ฎ๐›๐ญ๐ฌ ๐Ž๐ฏ๐ž๐ซ ๐๐š๐ฌ๐ก๐žโ€™๐ฌ ๐‚๐ฅ๐š๐ข๐ฆ๐ฌ: ๐“๐ž๐œ๐ก๐ง๐ข๐œ๐š๐ฅ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ข๐ฌ ๐š๐ง๐ ๐Ž๐ฉ๐ž๐ง ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ

    What emerged from this follow-up inquiry highlights significant discrepancies between the statements published on the groupโ€™s blog and the technical characteristics of the data examined. Despite our additional questions, no verifiable evidence was provided to substantiate the claims. Instead, we were told that authenticity could be confirmed through the purchase of the stolen database โ€” a proposal we firmly rejected.

    suspectfile.com/doubts-over-ba

    #APT73 #Bashe #CloudSEK #IndianBank #IndonesianBank #LineBank #Ransomware

  3. ๐ƒ๐จ๐ฎ๐›๐ญ๐ฌ ๐Ž๐ฏ๐ž๐ซ ๐๐š๐ฌ๐ก๐žโ€™๐ฌ ๐‚๐ฅ๐š๐ข๐ฆ๐ฌ: ๐“๐ž๐œ๐ก๐ง๐ข๐œ๐š๐ฅ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ข๐ฌ ๐š๐ง๐ ๐Ž๐ฉ๐ž๐ง ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ

    What emerged from this follow-up inquiry highlights significant discrepancies between the statements published on the groupโ€™s blog and the technical characteristics of the data examined. Despite our additional questions, no verifiable evidence was provided to substantiate the claims. Instead, we were told that authenticity could be confirmed through the purchase of the stolen database โ€” a proposal we firmly rejected.

    suspectfile.com/doubts-over-ba

    #APT73 #Bashe #CloudSEK #IndianBank #IndonesianBank #LineBank #Ransomware

  4. ๐ƒ๐จ๐ฎ๐›๐ญ๐ฌ ๐Ž๐ฏ๐ž๐ซ ๐๐š๐ฌ๐ก๐žโ€™๐ฌ ๐‚๐ฅ๐š๐ข๐ฆ๐ฌ: ๐“๐ž๐œ๐ก๐ง๐ข๐œ๐š๐ฅ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ข๐ฌ ๐š๐ง๐ ๐Ž๐ฉ๐ž๐ง ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ

    What emerged from this follow-up inquiry highlights significant discrepancies between the statements published on the groupโ€™s blog and the technical characteristics of the data examined. Despite our additional questions, no verifiable evidence was provided to substantiate the claims. Instead, we were told that authenticity could be confirmed through the purchase of the stolen database โ€” a proposal we firmly rejected.

    suspectfile.com/doubts-over-ba

    #APT73 #Bashe #CloudSEK #IndianBank #IndonesianBank #LineBank #Ransomware