NoName057

Threat Actor updated 10 days ago (2024-10-17T13:00:57.315Z)

Download STIX

Preview STIX

NoName057 is a pro-Russian threat actor or hacking group that has been implicated in several major cyber attacks, particularly distributed denial of service (DDoS) attacks. In August 2023, NoName057 launched significant DDoS attacks against Czech banks and the Czech stock exchange. The hackers demanded that these financial institutions cut off support to Ukraine, indicating geopolitical motivations behind their actions. This attack was also stated as retaliation for Finland's decision to join NATO. The group has been prolific in its activities, with third parties attributing 924 attacks to NoName057 according to the CyberPeace Institute. Among these, they were responsible for a series of ransomware attacks, targeting prominent organizations such as Talanx, the Federal Office of Logistics and Mobility, Hamburger Feuerkasse, and the German Customs Administration. The targets and nature of these attacks suggest a broad and potentially politically motivated campaign. In addition to these direct attacks, NoName057 has been active in hacktivist circles, waging political and religious warfare against nations or officials opposing their ideals and goals. They have been particularly active in Moldova, which has suffered repeated cyber attacks from this group over several months. Despite these activities, official responses or statements from targeted organizations remain sparse, leading to uncertainty about the full extent and impact of NoName057's actions.

Description last updated: 2024-10-17T12:23:47.978Z

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Hacktivist

Ddos

Russia

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The KillNet Threat Actor is associated with NoName057. Killnet, a threat actor group with strong affiliations to Russia, has been implicated in a series of high-profile cyberattacks. The group's activities have been linked to Russia's geopolitical objectives and have been particularly active following Russia's ban from the 2022 FIFA World Cup due to its	Unspecified	2

Source Document References

Information about the NoName057 Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	5 days ago	Russia-Linked Hacktivists Attack Japan's Govt, Ports
InfoSecurity-magazine	3 months ago	Paris 2024 Olympics Face Escalating Cyber-Threats
BankInfoSecurity	a month ago	ENISA Warns About Hacktivist, Ransomware Crossover
DARKReading	a month ago	Ukraine, Gaza Wars Inspire DDoS Surge Against Finservs
CERT-EU	8 months ago	2024, the year of elections and politicaly motivated DDOS attacks – Netscout comments – Global Security Mag Online
CERT-EU	10 months ago	NoName057 Ransomware Attack Hits German, Ukrainian Sites \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	10 months ago	2023 - A Significant Year For Cyber Incidents
CERT-EU	a year ago	Les actus cybersécurité qui touchent la Suisse (4 décembre 2023)
CERT-EU	a year ago	AI Act's last mile, MEPs throw the gauntlet on EUCS
CERT-EU	a year ago	Dutch ports fall victim to Russia-friendly hackers again – EURACTIV.com \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
BankInfoSecurity	a year ago	Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks
Securityaffairs	a year ago	Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions
CERT-EU	a year ago	Cyberattacks target Icelandic official websites, tech companies
CERT-EU	a year ago	Russian Hacktivists Overwhelm Spanish Sites With DDoS
CERT-EU	a year ago	Hackers Attacking Czech Banks Demanded to Stop Ukraine's Financial Support - Reports
Securityaffairs	2 years ago	Updates from the MaaS: new threats delivered through NullMixer
BankInfoSecurity	a year ago	Red Cross Tells Hacktivists: Stop Targeting Hospitals
CERT-EU	a year ago	European Leaders Meet in Iceland to Count Cost of Russia's War
CERT-EU	2 years ago	Finland joins NATO in major blow to Russia over Ukraine war
CERT-EU	a year ago	What's in a NoName? Researchers see a lone-wolf DDoS group \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting