Massive hackers' takedown: pro-Kremlin group NoName057(16) turned hacking the West into a game


Operation Eastwood has disrupted the pro-Russian cybercrime network NoName057(16). Law enforcement agencies raided 24 locations, arrested two individuals, issued seven additional warrants, and took down over 100 criminal servers worldwide.

Between July 14 and 17, law enforcement agencies took global action against a well-known pro-Russian cybercriminal network. NoName057(16) has repeatedly targeted Ukraine and its allies, many of which are NATO member states.


For example, the group launched attacks against Swedish authorities and financial institutions, while Germany endured 14 distinct waves of attacks affecting more than 250 companies. Switzerland and the Netherlands have also reported being targeted by the group.

[Image: Operation Eastwood key facts. By Europol]

Fortunately, according to Europol, the attacks were mitigated without causing any significant disruption.

“The actions led to the disruption of an attack-infrastructure consisting of over one hundred computer systems worldwide, while a major part of the group's central server infrastructure was taken offline,” Europol said.

Of the seven warrants issued, six were for individuals residing in Russia. Two of them are believed to be the primary orchestrators behind the group's criminal activities.


Overall results of Operation Eastwood

  • 2 arrests (1 preliminary arrest in France and 1 in Spain)
  • 7 arrest warrants issued (6 by Germany, and 1 by Spain)
  • 24 house searches (2 in Czechia, 1 in France, 3 in Germany, 5 in Italy, 12 in Spain, 1 in Poland)
  • 13 individuals questioned (2 in Germany, 1 in France, 4 in Italy, 1 in Poland, 5 in Spain)
  • Over 1 000 supporters, 15 of whom were administrators, notified of their legal liability via a messaging app
  • Over 100 servers disrupted worldwide
  • Major part of NoName057(16) main infrastructure taken offline

Who is behind the NoName057(16) hacker group?

According to law enforcement, NoName057(16) is an ideologically driven criminal network that supports the Kremlin's interests. It has been linked to numerous DDoS attacks since Russia began its war in Ukraine.

“During such attacks, a website or online service is flooded with traffic with the objective of overloading it and rendering it unavailable. In addition to the activities of the network, estimated at over 4,000 supporters, the group was also able to construct their own botnet made up of several hundred servers, used to increase the attack load,” Europol said.

The group recruited volunteers, friends, and even seemingly random acquaintances from gaming and hacking forums to support its cause. It distributed calls to action and shared various tutorials on how to launch attacks against pro-Ukrainian and pro-Western targets.

“Participants were also paid in cryptocurrency, which incentivised sustained involvement and attracted opportunists. Mimicking game-like dynamics, regular shout-outs, leader boards, or badges provided volunteers with a sense of status. This gamified manipulation, often targeted at younger offenders, was emotionally reinforced by a narrative of defending Russia or avenging political events,” Europol said.