Project Ddosia

Threat Actor Profile Updated 2 months ago
Download STIX
Preview STIX
Project DDoSia is a threatActor initiative orchestrated by the Russian hacker group "NoName057(16)" which aims to execute large-scale distributed denial-of-service (DDoS) attacks, particularly against pro-Ukraine entities such as NATO members. The group's activities have escalated since the onset of the Ukraine conflict, with a primary focus on disrupting online services through these extensive attacks. Unexpectedly, in November 2023, the group released an updated version of Project DDoSia without any prior announcements, demonstrating their evolving capabilities and intent. The update was dropped on Project DDoSia’s Telegram channel on November 11, 2023, and included expanded processor support to 32-bit and added FreeBSD compatibility, indicating a broader potential range of targets. Cybersecurity researchers at Sekoia have been closely monitoring the group's activities and have identified that NoName057(16) has been actively planning these massive DDoS attacks. This highlights the growing threat posed by nationalist hacktivist groups like NoName057(16), particularly since the escalation of the Ukraine conflict. The new version of Project DDoSia contains two folders within its ZIP archive, named d_eu and d_ru, suggesting specific targeting strategies for different geographical locations. This development underscores the sophistication and complexity of the threat posed by NoName057(16) and Project DDoSia. The group has gained notoriety due to their involvement in these large-scale DDoS attacks, and their continued activity indicates an ongoing cybersecurity threat that requires vigilant monitoring and robust defensive measures.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Ddosia
1
Ddosia, a project launched by the pro-Russian hacktivist group NoName057(16), is a significant threat actor that has been facilitating continuous DDoS attacks on government and private organization websites. Initiated in July 2022, the Ddosia project mirrors similar initiatives like the pro-Ukrainia
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ddos
Ukraine
Denial of Se...
Telegram
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
Noname057(16)’s DdosiaUnspecified
1
None
Source Document References
Information about the Project Ddosia Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
4 months ago
Cyber Security News Weekly Round-Up : Vulnerabilities & Cyber Attacks | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
4 months ago
Project DDoSia - Russian Hackers Planning Massive DDoS Attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
4 months ago
Russian Hackers "NoName057(16)" Planning Massive DDoS Attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
4 months ago
Hacktivist Collective NoName057(16) Strikes European Targets
CERT-EU
4 months ago
NoName057(16)’s DDoSia project: 2024 updates and behavioural shifts