Spain has apprehended three individuals accused of executing cyberattacks as part of a well-known pro-Russian hacker group targeting Ukraine and NATO countries that support Ukraine.
The Spanish Civil Guard announced on 20 July that they had detained the suspects in Manacor, Balearic Islands, and in the province of Andalusia. The individuals are alleged to have conducted Distributed Denial-of-Service (DDoS) attacks on governmental institutions and strategic sectors of nations backing Ukraine. These cyberattacks have been occurring since Russia launched its full-scale invasion of Ukraine.
According to the Civil Guard, the detained hackers are members of the Russian “hacktivist” group “NoName057(16).” This group emerged in March 2022, initially targeting Ukrainian government and media websites before expanding its operations to include Western governmental, economic, and logistical structures, particularly in NATO member countries.
Group Profile and Activities
“NoName057(16)” relies heavily on volunteers to carry out its cyberattacks. The group has previously released its crowdsourced botnet “DDoSia,” along with detailed instructions in Russian and English for conducting DDoS attacks using this tool. Their operational strategy showcases a blend of grassroots mobilisation and sophisticated cyber tactics.
In a statement, the Civil Guard noted ongoing investigations to identify other participants involved in these cyberattacks. The group’s adaptability and volunteer-driven approach have made it a persistent threat in the cyber domain.
Collaborations and Connections
“NoName057(16)” has a history of collaboration with other prominent Russian cyber entities sharing similar objectives. The group has worked alongside “Killnet,” “XakNet Team,” and “CyberArmyofRussia_Reborn,” reflecting a coordinated effort among these cyber actors.
In a report published in September 2022 and updated in April 2024, Mandiant Intelligence suggested with moderate confidence that “XakNet Team” and “CyberArmyofRussia_Reborn” coordinate their operations with Russia’s Main Intelligence Directorate (GRU) unit known as “Sandworm,” or Advanced Persistent Threat (APT) 44. The report also indicated that “Killnet” likely maintains limited ties with the GRU.
Read also:
Hungarian Foreign Minister Szijjártó Refuses to Summon Russian Ambassador Over 2022 Cyberattack
Click here for more News & Current Affairs at EU Today
_________________________________________________________________________________________________________