Noname057(16)

NoName057(16) is a pro-Russian hacker group that first declared itself in March 2022 and claimed responsibility for cyber-attacks on Ukrainian, American, and European websites of government agencies, media, and private companies. It is regarded as an unorganized and free pro-Russian activist group seeking to attract attention in Western countries.[1]

NoName057(16)
Formation2022

Activity

Information about the attacks carried out by NoName057(16) is published in the Telegram messenger channel of the same name. According to Ukrainian media, their employees received threatening letters from the NoName057(16) group.[2] This was also stated by the Ukrainian ex-Ombudsman Lyudmila Denisova.[3] OSINT researcher Cyberknow20 has included NoName057(16) in his summary table of hacker groups, which he periodically updates.[4]

Known DDOS attacks

Ukrainian sites

Starting from March 2022, the NoName057(16) group has carried out a number of cyberattacks on Ukrainian media websites and Ukrainian media portals. For example, such as: the portal "Detector Media",[5] the site "Odessa Online",[6] the information agency "Competitor".[7]

Latvia

The DDOS attack claimed by the NoName057(16) group disrupted the online train ticket sales system on the website and in the mobile application of the Latvian company Passenger Train (Pasažieru vilciens).[8] The company representatives stated in their Twitter account they had to stop selling tickets on the site and in the application because of the incident.

Lithuania

On June 21, representatives of the hacker group NoName 057(16) announced on their Telegram channel that they were joining the attacks on the websites of the Republic of Lithuania. In their appeal, they called on other communities of pro-Russian hackers, as well as individual hacktivists, to do the same. The hackers called their actions "revenge for Kaliningrad".[9] As a result, in about a month, the group carried out more than 200 attacks on Lithuanian Internet infrastructure resources. The Lithuanian Ministry of Defense stated that the participants in the attacks were pro-Russian "volunteer activists".[10] In particular, the group attacked the website of the Lithuanian company Ingstad,[11] the websites of Lithuanian airports[12][13] and other Internet resources. In addition to DDOS attacks on Lithuanian sites, hackers from NoName057(16) managed to perform a so-called deface on one of them. As a result, a message from hackers appeared on the main page of the resource of the logistics company ExpressTrip.

Estonia

On June 7, 2022, NoName057(16) carried out a cyberattack on the website of the Central Bank of Estonia[source?]. Bank representatives confirmed the fact of the attack and emphasized that as a result of the incident, “the external website and the statistics module of the Bank of Estonia were not working due to technical reasons”.[27]

United States

Also, hackers from NoName057(16) carried out attacks on the websites of American companies from various fields of activity. As a result of one of these attacks the website of the ITT company ceased to be available to users for a long time.

Denmark

The group claimed responsibility for DDOS attacks on the sites of a number of businesses in the financial sector, along with the Ministry of Finance in January 2023, due to the Danish support to Ukraine.[14]

Norway

As a kind of protest against the decision of the Norwegian authorities to ban the delivery of goods to Russian citizens in the Svalbard archipelago, the NoName057(16) group organized attacks on a number of sites in Norway. The attacks were noticed by the local media.[15][16]

Poland

The group also carried out DDOS attacks against Poland's Internet infrastructure in different periods of time.[17]

Finland

A cyber attack on the website of the Finnish Parliament occurred after Finland joined NATO on April 4, 2023.[18][19] Finnish journalists ranked the group as pro-Russian.[20]

As a result of the incident, the Finnish criminal police launched a preliminary investigation.[21]

Czech Republic

During the 2023 presidential elections on January 13, 2023, the website of presidential candidate General Petr Pavel has been under a strong hacker attack since Friday morning. That's why it was not loading for some users, his election team said. It is said that the website faced a similarly strong attack throughout Wednesday. According to the operator, the attack was conducted from various IP addresses across Europe.[22] On March 24, 2023, there was a DDoS attack on the site of Prague Integrated Transport website about public transportation in Prague. The website for unavailable for several hours. The Noname057(16) claimed responsibility for the attack. Also, the website of Florenc Central Bus Station was also affected by this attack.[23]

Italy

Following the visit of Prime Minister Giorgia Meloni to Kiev, in support of Ukraine's efforts in the ongoing conflict with Russia, a series of Italian companies' and institutions' were attacked[24][25] in February and March 2023.[26]

Iceland

During the summit of the leaders of the Council of Europe in Reykjavik, Iceland, May 16 2023, the Noname057(16) group has claimed responsibility for several attacks on Icelandic governmental websites. [27]

References
  1. "NoName057(16) Pro-Russian Hacker Group Targeting Sites in Ukraine and Supporting Countries with DDoS Attacks". NoName057(16) Pro-Russian Hacker Group Targeting Sites in Ukraine and Supporting Countries with DDoS Attacks. Retrieved 2023-01-09.
  2. "Російські ноунейми пообіцяли помститися ще одному запорізькому сайту". imi.org.ua (in Ukrainian). Retrieved 2022-08-20.
  3. Іванов, Юрій (2022-04-28). ""Оперативній Україні інфо" надійшли погрози від російських хакерів NoName * Оперативна Україна інфо". Оперативна Україна інфо (in Ukrainian). Retrieved 2022-08-17.
  4. "Update 16. 2022 Russia-Ukraine War — Cyber Group Tracker. July 14". July 14, 2022.
  5. ""Детектор медіа" зазнає DDoS-атаки". imi.org.ua.
  6. ""Одеса.Онлайн"".
  7. "DDoS-атаки і дзвінки з погрозами: рашисти залякують журналістів ІА "Конкурент"". konkurent.ua.
  8. "Из-за DDoS-атаки была нарушена торговля билетами на сайте Pasažieru vilciens". Экономика. June 1, 2022.
  9. https://ria.ru/20220627/khakery-1798513241.html
  10. "Кругом одни компбатанты". www.kommersant.ru. July 18, 2022.
  11. https://ria.ru/20220629/ataka-1799137306.html
  12. "Кибергруппы KillNet и NoName057(16) положили интернет-ресурсы Литвы". Anti-Malware.ru. June 22, 2022.
  13. "Three Lithuanian airports under DDOS attacks NoName057(16)". The Cyber Shafarat - Treadstone 71. June 23, 2022.
  14. Moltke, Henrik (January 13, 2023). "Russisk hackergruppe i mail til DR: Vi står bag cyberangreb mod Danmark". dr.dk (in Danish). Retrieved January 13, 2023.
  15. "Nyhetsstudio - Hackergruppe: Hevder seier over Norge". Dagbladet.
  16. "Antimedia - Nyheter".
  17. "Таинственные хакеры оптом уничтожают сайты польской армии, силовиков и госведомств". CNews.ru.
  18. https://goodwordnews.com/finnish-parliament-website-hacked-by-russian-group/
  19. "Govt website comes under cyber attack after Parliament". clickittefaq. Retrieved 2023-04-17.
  20. "Хакеры взломали сайт парламента Финляндии". Interfax.ru. Retrieved 2022-08-24.
  21. "Интернет-сайт финского парламента подвергся атаке хакеров". Новости. August 9, 2022.
  22. https://www.forum24.cz/na-web-petra-pavla-utoci-hackeri-podobnemu-utoku-web-kandidata-na-prezidenta-celil-i-ve-stredu/
  23. https://twitter.com/PIDoficialni/status/1639191034742677504
  24. Redazione Ansa (22 February 2023). "Hackers attack websites of Italian firms and institutions". Rome: ANSA. Retrieved 7 March 2023. A series of Italian companies' and institutions' sites are in the cross-hairs of hackers from the pro-Russian collective NoName057, who claimed the action on their Telegram profiles
  25. Longo, Alessandro (6 March 2023). "Gli hacker filorussi di Noname057 hanno attaccato per la seconda volta l'Italia". Il Sole 24 ore (in Italian). Retrieved 7 March 2023.
  26. Nuovo attacco hacker all'Italia, repubblica.it, 22 marzo 2023
  27. "Netárásir gerðar á íslenskar vefsíður". www.mbl.is (in Icelandic). Retrieved 2023-05-16.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.