NoName057

Threat Actor updated a year ago (2024-11-29T14:00:51.064Z)

Download STIX

Preview STIX

NoName057 is a pro-Russian threat actor or hacking group that has been implicated in several major cyber attacks, particularly distributed denial of service (DDoS) attacks. In August 2023, NoName057 launched significant DDoS attacks against Czech banks and the Czech stock exchange. The hackers demanded that these financial institutions cut off support to Ukraine, indicating geopolitical motivations behind their actions. This attack was also stated as retaliation for Finland's decision to join NATO. The group has been prolific in its activities, with third parties attributing 924 attacks to NoName057 according to the CyberPeace Institute. Among these, they were responsible for a series of ransomware attacks, targeting prominent organizations such as Talanx, the Federal Office of Logistics and Mobility, Hamburger Feuerkasse, and the German Customs Administration. The targets and nature of these attacks suggest a broad and potentially politically motivated campaign. In addition to these direct attacks, NoName057 has been active in hacktivist circles, waging political and religious warfare against nations or officials opposing their ideals and goals. They have been particularly active in Moldova, which has suffered repeated cyber attacks from this group over several months. Despite these activities, official responses or statements from targeted organizations remain sparse, leading to uncertainty about the full extent and impact of NoName057's actions.

Description last updated: 2024-10-17T12:23:47.978Z

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ddos

Hacktivist

Russia

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The KillNet Threat Actor is associated with NoName057. Killnet is a threat actor or group with potential ties to the Russian government, known for its disruptive cyber-attacks. This group has been linked to several politically motivated attacks, including a significant assault on the Israeli government's website leading to its paralysis. Killnet has als	Unspecified	2

Source Document References

Information about the NoName057 Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	9 months ago	Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites - Security Affairs
Securityaffairs	a year ago	Pro-Russia group NoName57 targets the websites of Italian airports
DARKReading	a year ago	Russia-Linked Hacktivists Attack Japan's Govt, Ports
InfoSecurity-magazine	a year ago	Paris 2024 Olympics Face Escalating Cyber-Threats
BankInfoSecurity	a year ago	ENISA Warns About Hacktivist, Ransomware Crossover
DARKReading	a year ago	Ukraine, Gaza Wars Inspire DDoS Surge Against Finservs
CERT-EU	2 years ago	2024, the year of elections and politicaly motivated DDOS attacks – Netscout comments – Global Security Mag Online
CERT-EU	2 years ago	NoName057 Ransomware Attack Hits German, Ukrainian Sites \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	2 years ago	2023 - A Significant Year For Cyber Incidents
CERT-EU	2 years ago	Les actus cybersécurité qui touchent la Suisse (4 décembre 2023)
CERT-EU	2 years ago	AI Act's last mile, MEPs throw the gauntlet on EUCS
CERT-EU	2 years ago	Dutch ports fall victim to Russia-friendly hackers again – EURACTIV.com \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
BankInfoSecurity	2 years ago	Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks
Securityaffairs	2 years ago	Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions
CERT-EU	2 years ago	Cyberattacks target Icelandic official websites, tech companies
CERT-EU	2 years ago	Russian Hacktivists Overwhelm Spanish Sites With DDoS
CERT-EU	2 years ago	Hackers Attacking Czech Banks Demanded to Stop Ukraine's Financial Support - Reports
Securityaffairs	3 years ago	Updates from the MaaS: new threats delivered through NullMixer
BankInfoSecurity	2 years ago	Red Cross Tells Hacktivists: Stop Targeting Hospitals
CERT-EU	3 years ago	European Leaders Meet in Iceland to Count Cost of Russia's War