NoName057

Threat Actor Profile Updated 2 months ago
Download STIX
Preview STIX
NoName057 is a threat actor group known for its pro-Russian stance and execution of cyber-attacks with political motivations. In August 2023, the group made headlines when it launched Distributed Denial of Service (DDoS) attacks against multiple Czech banks and the Czech stock exchange. These attacks were reportedly in response to the financial support provided by these institutions to Ukraine. The group's activities escalated further when they claimed responsibility for a series of cyber-attacks as retaliation for Finland joining NATO. Their targets included prominent organizations such as Komercni Banka, CSOB, Air Bank, Fio Banka, and Ceska sporitelna. The threat actor group continued its wave of cyber-attacks throughout 2023, targeting various entities associated with countries perceived to be opposing Russia. According to the CyberPeace Institute, third parties have attributed 924 attacks to NoName057, making them one of the most active pro-Russian hacker groups. Their activities extended beyond financial institutions, with the group claiming responsibility for ransomware attacks and DDoS attacks on various websites. Some of their notable targets included Talanx, the Federal Office of Logistics and Mobility, Hamburger Feuerkasse, and the German Customs Administration. In October 2023, the group expanded its range of targets to include government websites in the Czech Republic. The targeted sites included the Interior Ministry, police force, Prague Airport, and both the lower and upper houses of parliament. Despite the ongoing investigations and efforts to mitigate their activities, official responses from the affected organizations have been limited. This lack of information has led to uncertainty about the full extent of the damage caused by NoName057's attacks and the veracity of the claims made by the group.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ddos
Telegram
Russia
Ransomware
Nato
Ukraine
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
KillNetUnspecified
2
Killnet is a pro-Russian threat actor group that has been linked to a series of disruptive cyberattacks, particularly targeting governments and organizations that have expressed support for Ukraine. The group's activities gained prominence after Russia was banned from the 2022 FIFA World Cup due to
Anonymous SudanUnspecified
1
Anonymous Sudan, a threat actor group known for its malicious cyber activities, has recently been the subject of increased attention in the cybersecurity industry. This entity, which could consist of a single individual, a private company, or part of a government organization, is responsible for exe
Anonymous RussiaUnspecified
1
Anonymous Russia, a malicious software (malware), has been associated with significant cyber-attacks, accounting for more than 30% of such incidents. This malware is affiliated with other hacktivist groups including Killnet, MIRAI, Venom, and has been involved in promoting Passion. Anonymous Russia,
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the NoName057 Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
5 months ago
2024, the year of elections and politicaly motivated DDOS attacks – Netscout comments – Global Security Mag Online
CERT-EU
6 months ago
NoName057 Ransomware Attack Hits German, Ukrainian Sites | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU
7 months ago
2023 - A Significant Year For Cyber Incidents
CERT-EU
7 months ago
Les actus cybersécurité qui touchent la Suisse (4 décembre 2023)
CERT-EU
9 months ago
AI Act's last mile, MEPs throw the gauntlet on EUCS
CERT-EU
a year ago
Dutch ports fall victim to Russia-friendly hackers again – EURACTIV.com | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
BankInfoSecurity
10 months ago
Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks
Securityaffairs
10 months ago
Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions
CERT-EU
a year ago
Cyberattacks target Icelandic official websites, tech companies
CERT-EU
a year ago
Russian Hacktivists Overwhelm Spanish Sites With DDoS
CERT-EU
10 months ago
Hackers Attacking Czech Banks Demanded to Stop Ukraine's Financial Support - Reports
Securityaffairs
a year ago
Updates from the MaaS: new threats delivered through NullMixer
BankInfoSecurity
9 months ago
Red Cross Tells Hacktivists: Stop Targeting Hospitals
CERT-EU
a year ago
European Leaders Meet in Iceland to Count Cost of Russia's War
CERT-EU
a year ago
Finland joins NATO in major blow to Russia over Ukraine war
CERT-EU
10 months ago
What's in a NoName? Researchers see a lone-wolf DDoS group | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
a year ago
Dutch ports fall victim to Russia-friendly hackers again