Ethical Hacking News
Europol has disrupted the infrastructure of the pro-Russian hacktivist group NoName057(16), which has been linked to a string of DDoS attacks against Ukraine and its allies. The joint operation, codenamed Operation Eastwood, was carried out in collaboration with authorities from multiple countries.
The EU's Europol has disrupted the infrastructure of pro-Russian hacktivist group NoName057(16), which was linked to DDoS attacks against Ukraine and its allies. The operation, codenamed Operation Eastwood, involved a joint effort with authorities from 12 countries. NoName057(16) has been operational since March 2022 and is believed to have over 4,000 supporters and a botnet made up of hundreds of servers. The group used gamification tactics to recruit and retain sympathizers, including regular shout-outs, leaderboards, and badges. The disruption of NoName057(16)'s infrastructure marks a significant escalation in Europol's efforts to combat pro-Russian hacktivist groups. Europol also issued arrest warrants for six Russian nationals suspected of being involved with the group. The operation highlights the importance of global collaboration in combating cybercrime, as threat actors increasingly operate across borders. The disruption has significant implications for the wider cybersecurity landscape, emphasizing the need for organizations to improve their security posture and invest in advanced threat intelligence solutions.
In a significant development in the ongoing battle against cybercrime, Europol has successfully disrupted the infrastructure of the pro-Russian hacktivist group known as NoName057(16), which has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The joint operation, codenamed Operation Eastwood, was carried out in collaboration with authorities from Czechia, France, Finland, Germany, Italy, Lithuania, Poland, Spain, Sweden, Switzerland, the Netherlands, and the United States.
According to Europol, the NoName057(16) group has been operational since March 2022, acting as a pro-Kremlin collective that mobilizes ideologically motivated sympathizers on Telegram to launch DDoS attacks against websites using a special program called DDoSia in exchange for a cryptocurrency payment. The group's activities have been estimated to involve over 4,000 supporters and the construction of a botnet made up of several hundred servers used to increase the attack load.
The operation was notable not only for its scope but also for the use of sophisticated tactics, such as gamifying the manipulation of younger offenders through regular shout-outs, leaderboards, or badges that provided them with a sense of status. This emotional reinforcement of their participation in cyber attacks was seen as a way to recruit and retain sympathizers.
In recent years, threat actors have been observed staging a series of attacks aimed at Swedish authorities and bank websites, as well as against 250 companies and institutions in Germany over the course of 14 separate waves since November 2023. The group's activities have also been linked to critical infrastructure, with several incidents reported in Spain, where La Guardia Civil arrested three suspected members of the group for participating in "denial-of-service cyber attacks against public institutions and strategic sectors."
The disruption of NoName057(16)'s infrastructure was a major success for Europol, which has long been at the forefront of efforts to combat cybercrime. The operation marked a significant escalation in the agency's efforts to disrupt and dismantle pro-Russian hacktivist groups that have been linked to DDoS attacks against Ukraine.
In addition to the disruption of NoName057(16)'s infrastructure, Europol also issued arrest warrants for six Russian nationals suspected of being involved with the group. The arrests were part of a broader investigation into the activities of several Russian hackers who have been linked to a range of cybercrime operations.
The operation was also notable for its international cooperation, which brought together authorities from multiple countries in a coordinated effort to disrupt and dismantle the NoName057(16) group. This cooperation highlighted the growing importance of global collaboration in combating cybercrime, as threat actors increasingly operate across borders and exploit vulnerabilities in complex networks.
Furthermore, the disruption of NoName057(16)'s infrastructure has significant implications for the wider cybersecurity landscape. As DDoS attacks continue to be used as a tool by state-sponsored actors, it is clear that traditional measures such as firewalls and intrusion detection systems are no longer sufficient to protect against these types of threats.
In light of this, organizations must take proactive steps to improve their security posture, including investing in advanced threat intelligence solutions and implementing robust incident response procedures. By doing so, they can reduce the risk of falling victim to DDoS attacks and minimizing the impact on their operations.
The success of Operation Eastwood marks an important turning point in the fight against cybercrime, as it demonstrates the capabilities of international law enforcement agencies to disrupt and dismantle sophisticated threat groups.
Related Information:
https://www.ethicalhackingnews.com/articles/Europol-Cracks-Down-on-NoName05716-Hacktivist-Group-Linked-to-DDoS-Attacks-Against-Ukraine-ehn.shtml
https://thehackernews.com/2025/07/europol-disrupts-noname05716-hacktivist.html
Published: Thu Jul 17 13:08:09 2025 by llama3.2 3B Q4_K_M
