A Rolling Campaign Of Russian Inspired DDoS Attacks
A prolific hacktivist group has launched a series of devastating Distributed Denial-of-service (DDoS) attacks for two years supporting its pro-Russian, anti-Western agenda. According to the latest blog from NetScout the group, which it calls NoName057(16), has conducted over 1,500 DDoS attacks since Russia's failed invasion attempt on Ukraine began in March 2022.
The NoName group has gained notoriety by developing and distributing custom malware, notably the DDoSia attack tool. They are strategically concentrating their efforts on Western nations and NATO members, aligning closely with pro-Kremlin geopolitical interests.
In fact, Czech Republic, Poland and Spain have endured the highest volume of attacks, while the most targeted industry was critical public infrastructure, namely governmental administration sites, revealing the political agenda and goals of the group.
In terms of attack methodology, the threat actor almost exclusively uses HTTPs-based attack vectors designed to consume targets' bandwidth and resources.
The DDoSia attack tool works by by over-whelming target sites with many concurrent junk HTTPs requests, with the tool having cross-platform functionality, it is compatible with Windows, Linux, and macOS systems, reflecting a clear attempt by the group to broaden its user base.
NoName has encouraged ideologically motivated hacktivist volunteers to launch attacks on its behalf by offering digital currency payments to participants in exchange for supplied attack traffic.
The group has successfully outsourced the growth and maintenance of their attack infrastructure, while at the same time seeking to make it more challenging for defenders to successfully mitigate attacks.
NetScout: NetScout: NetScout: FINN Partners: Image: Beebright
You Might Also Read:
Russia Steps Up Cyberwar Against Ukraine:
___________________________________________________________________________________________
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible