Pro-Russian Group DDoS-ing Governments, Critical Infrastructure in Ukraine, NATO Countries
By Ionut Arghire on January 13, 2023
A pro-Russian cybercrime group named NoName057(16) is actively launching distributed denial-of-service (DDoS) attacks against organizations in Ukraine and NATO countries.
Also known as NoName05716, 05716nnm or Nnm05716, the threat actor has been supporting Russia’s invasion of Ukraine since March 2022, launching disruptive attacks against government and critical infrastructure organizations.
To date, the group has launched DDoS attacks against government, military, telecommunications, and transportation organizations, as well as media agencies, suppliers, and financial institutions in Ukraine, Czech Republic, Denmark, Estonia, Lithuania, Norway, and Poland.
According to cybersecurity firm SentinelOne, the group focused on Ukrainian news websites at first, but later shifted attention to NATO-associated targets, aiming to silence what it deems to be anti-Russian.
NoName057(16) uses a Telegram channel to claim responsibility for disruptions, justify its actions, make threats, and mock targets. The group, SentinelOne says, “values the popularity their attacks obtain via being referenced online”.
The threat actor was also seen abusing GitHub to host tools advertised on their Telegram channel, including the DDoS tool DDOSIA, a multi-threaded application that has both Python and Golang implementations.
GitHub promptly removed the NoName057(16)-associated accounts and repositories after being informed about the nefarious activity.
Some of the most recent incidents attributed to the group include the targeting of the Polish government in December 2022, attacks on Lithuanian organizations (primarily cargo and transport companies) in January 2023, and hits on Danish financial institutions.
This week, the group was seen attempting to disrupt the 2023 Czech presidential elections, taking place January 13-14.
“Specific targets include domains for candidates Pavel Fischer, Marek Hilšer, Jaroslav Bašta, General Petr Pavel, and Danuše Nerudová. Additionally, the Ministry of Foreign Affairs of the Czech Republic website was also targeted at the same time,” SentinelOne notes.
Throughout 2022, the group has been observed employing various tools for carrying out attacks, including Bobik-infected systems, which are ensnared in a botnet. According to SentinelOne, however, NoName057(16) “appears to primarily seek participation voluntarily through their DDOSIA tool”.
“NoName057(16) is yet another hacktivist group to emerge following the war in Ukraine. While not technically sophisticated, they can have an impact on service availability– even when generally short lived. What this group represents is an increased interest in volunteer-fueled attacks, while now adding in payments to its most impactful contributors,” SentinelOne concludes.