"Pro-Russia Group NoName057(16) Targets Ukraine and NATO Countries"

NoName057(16), also known as 05716nnm or Nnm05716, is responsible for a wave of Distributed Denial-of-Service (DDoS) attacks targeting companies in Ukraine and NATO nations, according to SentinelOne researchers. The attacks began in March 2022, targeting government and critical infrastructure organizations. The threat actor recently disrupted services in Denmark's financial sector, and subsequent attacks have targeted organizations and enterprises in Poland, Lithuania, and more. On January 11, SentinelLabs detected NoName057(16) attacking the websites of 2023 Czech presidential candidates. Researchers were able to identify the group's operations through public Telegram channels. SentinelLabs researchers have also identified a volunteer-driven DDoS payment program, a multi-OS supported toolset, and GitHub. The malicious actor uses GitHub for its activities, such as hosting a DDoS tool website. There are related GitHub repositories for hosting the current version of their tools, which are advertised on the Telegram channel. The group's command-and-control (C2) was primarily hosted by the Bulgarian telecommunications company Neterra. This article continues to discuss the pro-Russian NoName057(16) group targeting organizations in Ukraine and NATO countries with DDoS attacks.

Security Affairs reports "Pro-Russia Group NoName057(16) Targets Ukraine and NATO Countries"