NoName hacker group targets Italy's top-tier banks

Italy’s national cybersecurity agency said several leading Italian banks were knocked offline Tuesday during a targeted hacker attack.

The Italian National Authority for Cybersecurity (ACN) said the hacker's distributed denial of service (DDoS) attacks targeted at least five banks.

The national security agency blamed the pro-Russian hacker group NoName057(16) for the disruption.

The attacks – which started at around 5 am ET Tuesday morning, according to NoName's encrypted Telegram channel – temporarily knocked offline the websites of at least five major Italian banks, making it impossible for customers to access banking services.

Targeted banks included Intesa Sanpaolo, Monte dei Paschi di Siena, and BPER Banca, along with FinecoBank and Banca Popolare di Sondrio, according to an ACN spokesperson.

"The website of the Italian bank "Banca Monte dei Paschi di Siena" was slammed," NoName posted about its first victim.

NoName targets Italian banks3
NoName057(16) Telegram channel

Two other banks were also named by the threat actors during the nearly 8-hour attack: Che Banca and Fideuram.

Che Banca is listed as the 16th largest bank in Italy, while Fideuram is a private bank and subsidiary of Intesa Sanpaolo, the number-one bank in Europe and the number-two bank in the world, according to its website.

ACN "identified the reactivation of Distributed Denial of Service (DDoS) attack campaigns by pro-Russian ... groups against national institutional subjects," a statement said.

An unnamed source at one of the targeted banks said that the disruption was short-lived and that its customers were still able to use the bank’s official mobile app to carry out transactions.

The agency also said it provided swift assistance to the financial institutions in order to mitigate any impact.

In DDoS attacks, hackers attempt to flood a network with unusually high volumes of data traffic causing it to crash.

Hackers target Italy over Ukraine

In reality, the pro-Russian hackers first began targeting the Italian nation and its transportation sector on July 31st.

The group's ire over a meeting held between Italian Prime Minister Giorgia Meloni and US President Joe Biden, discussing the war in Ukraine and mutual support for [Ukrainian President] “Zelensky's criminal regime.”

“The worship of the Ukronazi idol continues in the Russophobic countries of the West…And we once again remind the Russophobic Italian authorities that such actions will not remain without our attention,” the group posted.

NoName targets Italian banks4
NoName057(16) Telegram channel

Who is NoName057(16)

NoName first hit the hacking scene right around the start of the Russian invasion of Ukraine. In July, the hacktivists went after the Ukrainian banking sector.

Since then, the gang has mainly set its sites on NATO member nations allied with Ukraine, recently targeting critical infrastructure in Poland, Denmark, and Lithuania, the French parliament, and nearly a dozen attacks on Switzerland’s financial and aviation sectors this month.

Some of the largest European ports in Italy, Germany, Spain, and Bulgaria were hacked by NoName on June 16th.

In January, NoName was discovered advertising cryptocurrency payouts to volunteer hackers in exchange for joining in on the group’s DDoS attacks.

Around the same time, the group was able to take down at least half a dozen websites belonging to the 2023 Czech presidential election candidates, causing chaos just days before the elections were scheduled to begin.