Europol Dismantles Pro-Russian NoName057(16) Hacktivist Network

HomeNews* Authorities disrupted the infrastructure of the pro-Russian hacktivist group NoName057(16) in a global operation.

• Over 100 systems were dismantled, with two arrests made and six Russian nationals facing warrants.
• The operation involved agencies from at least 19 countries, led by Europol and supported by the United States and other partners.
• The group had recruited over 4,000 supporters online, using cryptocurrency incentives to coordinate cyberattacks.
• Several group leaders were added to the EU Most Wanted list, and officials contacted 1,000 individuals to warn them of legal risks. Law enforcement agencies from across Europe and North America have disrupted the digital infrastructure of the pro-Russian hacktivist group NoName057(16). The joint action, led by Europol and including police from at least 19 countries, targeted the group’s server network and organizers between July 14 and 17.

• Advertisement - Officials shut down 100 computer systems worldwide, according to Europol. Authorities made two arrests in France and Spain, searched over 20 residences in several European countries, and issued arrest warrants for six Russian nationals. Over 1,000 suspected supporters received notices about their potential criminal liability for helping coordinate denial-of-service (DDoS) attacks, which disrupt web services by overwhelming them with traffic.

The sweep, called Operation Eastwood, struck at NoName057(16) after it organized attacks against Ukraine and its partners using an online tool called DDoSia. The group rewarded participants with cryptocurrency payments. Five Russian suspects, including Andrey Muravyov, Maxim Nikolaevich Lupin, Olga Evstratova, Mihail Evgeyevich Burlakov, and Andrej Stanislavovich Avrosimow, were added to the EU Most Wanted list. “BURLAKOV is suspected of being a central member of the group…making a significant contribution to performing DDoS attacks on various institutions in Germany and other countries,” Europol stated.

The group, active since March 2022 after Russia’s invasion of Ukraine, reportedly gathered a network of over 4,000 online participants. They constructed a botnet—a network of hijacked servers—to boost the scale and strength of attacks. Europol noted the group used “gamified” rewards like leaderboards and badges to keep volunteers engaged and frame their actions in political terms.

According to Europol, NoName057(16) targeted Swedish authorities, German businesses, and banks in more than a dozen waves of attacks since late 2023. In July 2023, authorities in Spain arrested three individuals accused of attacking public institutions and critical sectors in NATO countries.

Recent activity suggests Russian hacktivist groups, such as Z-Pentest, Dark Engine, and Sector 16, are increasingly focusing on critical infrastructure. Authorities say these groups coordinate messaging and timing to align with strategic objectives, showing a deliberate effort to support Russian cyber goals.

Previous Articles:

• Aave Surpasses Circle, Becomes No. 2 Ethereum Business with $30B TVL
• UK Treasury Unveils Digital Strategy, Details DIGIT Bond Issuance
• Nearly 60% of Pump.fun ICO Buyers Have Sold or Transferred Tokens
• Senator Lummis Panics Over False Claims of US Bitcoin Sell-Off
• Satoshi Nakamoto Overtakes Gates, Dell as 11th Richest Globally

• Advertisement -