A new active group of cyber attackers supporting Russia’s interests is involved in attacks on key infrastructure in the wider Black Sea region, according to cybersecurity experts from Bitdefender. Confirmed targets include judicial and governmental institutions in Georgia, as well as an electricity provider in the Republic of Moldova, the source said.

The methods used by the group, known as Curly COMrades, include prolonged network access, data theft, and traffic masking through legitimate websites. According to Bitdefender’s statement, these tactics could also be replicated against Romanian organizations, including those in the energy, transport, or public administration sectors.

“The investigation revealed the use of advanced persistence techniques, redundant access infrastructure, and a new type of attack tool, MucorAgent. This tool uses an unprecedented persistence method in the company’s research, exploiting a standard Windows component to reactivate unpredictably and discreetly,” the statement said.

In this context, Bitdefender specialists recommend continuous monitoring of unusual network activity and blocking traffic to suspicious external servers, along with restricting the use of remote administration tools when they are not strictly necessary.

They also call for the implementation of incident detection and response solutions such as EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response), which monitor network and system activity in real time, identify suspicious behavior, and allow rapid response. For organizations without dedicated internal security teams, another recommendation is to use MDR (Managed Detection and Response) services, which provide specialized external teams for 24/7 monitoring, investigation, and response to attacks.

“Attacks observed in neighboring or geographically close states may be an indicator of threats that could target Romania. Physical borders no longer limit cyber risks, and geographical proximity, economic ties, and interconnected infrastructures make continuous monitoring and rapid response capacity essential for Romanian companies and institutions,” the experts stress.

Founded in 2001 in Romania, Bitdefender offers advanced solutions for prevention, detection, and incident response in cybersecurity.