The Clean Romania Platform has published evidence that it is being attacked by state institutions. According to româniacurată.ro, the attacks came from STS and MApN.
We completely publish the article “STS, do you let us live too?”
“For a long time, but especially in the last days, the Clean Romania platform is the target of amateur attacks but numerous DDoS and XMLRPC attacks, meant to keep our website offline as much as possible. We call them amateur because it was not difficult to figure out where these attacks came from.
The main thing was done by proxies from China, Vietnam, Nigeria, Holland, France, Argentina and some banana countries, and among those bursts of cascading accesses I identified the IP from STS, namely 22.214.171.124 – client. stsisp.ro, ie fixed UM 0319 (Bucharest Special Telecommunications Service). This IP has visited our site 73 times in the last month, generating with those visits 735 impressions.
Last night, at 2 o'clock, STS checked us if we were still “living” among the attacks of an IP in Oradea (which we blocked at that time).
Also last night, shortly after, at 3 o'clock at night, after we managed to isolate the external IPs that assaulted us in the last days, the ones from MApN also checked us.
2,488 hits from this IP of the MApN we received in the last month, the traffic totaling only 28 MB, so they did not access articles, but scripts and other hidden issues from the server so as to load the processor and drop us the platform by using the resources. dedicated.
Great job at the Ministry of National Defense! Instead of dealing with theirs, the scriptures on our site stress us.
Another champion in the number of dubious hits of our server in the last month is 89,238.255.34, with 8,003 hits and as many pages (traffic of only 23 MB cumulated, so the same recipe). It belongs to Euroweb Romania SA, a company contracted by STS on several occasions in recent years for “high capacity internet connection services” worth over 2.5 million lei. Now we also see what STS uses that great capacity.
According to the AbuseIPDB portal, an open source database that reveals the IP addresses involved in such attacks internationally, the IP address of the company contracted by STS can be found on several blacklists for DDoS and XMLRPC attacks.
We recommend those from STS and MApN to see theirs, because what they have tried in recent days is an indirect attack on the freedom of the press, using the state resources for purposes that go beyond their legal and constitutional powers.
The data set out above can be verified both online and at our provider, RoHost ”, writes those from Romania Curată.