Project Ddosia

Threat Actor updated a month ago (2024-11-29T14:33:50.115Z)

Download STIX

Preview STIX

Project DDoSia, orchestrated by the Russian hacker group "NoName057(16)", has been identified as a significant threat actor in the cybersecurity landscape. The group's activities have increased since the onset of the Ukraine conflict, with a specific focus on executing massive Distributed Denial-of-Service (DDoS) attacks against pro-Ukraine entities such as NATO members. This initiative is designed to spur Russian hacktivists to launch similar attacks on NATO states, thereby disrupting online services on a large scale. In November 2023, without any prior announcements, the threat group released an updated version of Project DDoSia. A significant update was dropped on the project's Telegram channel on November 11, 2023, expanding processor support to 32-bit and adding FreeBSD compatibility. This unexpected move marked a strategic shift in the group's operations, demonstrating their commitment to enhancing the capabilities of their cyber-attack tools. The cybersecurity researchers at Sekoia have been closely monitoring this threat actor and its activities. They discovered that the new Project DDoSia ZIP archive contains two folders, one named d_eu and the other d_ru, which are specified for users in different geographical locations. This indicates a targeted approach towards their cyber-attacks. As the Ukraine conflict continues, nationalist hacktivist groups like "NoName057(16)" are expected to intensify their efforts, making Project DDoSia a significant concern for global cybersecurity.

Description last updated: 2024-11-04T11:01:56.119Z

What's your take? (Question 1 of 0)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Ddosia is a possible alias for Project Ddosia. DDosia is a threat actor group that has been actively involved in executing Distributed Denial of Service (DDoS) attacks against government and private organization websites, primarily targeting Western nations supporting Ukraine amidst the ongoing Russian invasion. In July 2022, DDoSia launched a c	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Project Ddosia Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
InfoSecurity-magazine	2 months ago	UK Council Sites Recover Following Russian DDoS Blitz
CERT-EU	10 months ago	Cyber Security News Weekly Round-Up : Vulnerabilities & Cyber Attacks \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
CERT-EU	10 months ago	Project DDoSia - Russian Hackers Planning Massive DDoS Attack \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	10 months ago	Russian Hackers "NoName057(16)" Planning Massive DDoS Attack \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	10 months ago	Hacktivist Collective NoName057(16) Strikes European Targets
CERT-EU	10 months ago	NoName057(16)’s DDoSia project: 2024 updates and behavioural shifts