Vue normale

Aujourd’hui — 19 juillet 2025Flux principal
  • ✇Euromaidan Press
  • Europol dismantles pro-Russian cyber army flooding Ukraine and its allies with attacks
    A global law enforcement campaign has dealt a blow to the pro-Russian cyber army known as NoName057(16). Europol confirmed that about 20 countries helped dismantle the network behind thousands of attacks on Ukraine’s supporters. Russia’s massive cyberattacks against Ukraine escalated shortly before the full-scale invasion in 2022. Since November 2023, Germany has documented recurring attacks tied to NoName057(16). Investigators also linked the group to incidents in 2023 and 2024 that targeted Uk
     
  • ↗️
✇Euromaidan Press

Europol dismantles pro-Russian cyber army flooding Ukraine and its allies with attacks

Par :Yuri Zoria
19 juillet 2025 à 08:09

europol dismantles pro-russian cyber army flooding ukraine its allies attacks flickr/world's direction crime cyberattack hackers coordinated crackdown wiped out over 100 systems tied kremlin-backed noname057(16) global law enforcement campaign has

A global law enforcement campaign has dealt a blow to the pro-Russian cyber army known as NoName057(16). Europol confirmed that about 20 countries helped dismantle the network behind thousands of attacks on Ukraine’s supporters.

Russia’s massive cyberattacks against Ukraine escalated shortly before the full-scale invasion in 2022. Since November 2023, Germany has documented recurring attacks tied to NoName057(16). Investigators also linked the group to incidents in 2023 and 2024 that targeted Ukrainian diplomatic efforts. While Ukraine remains a central target, the group increasingly strikes at Kyiv’s allies. These include several NATO and EU members actively supporting Ukraine’s defense against the Russian war of aggression.

Europol targets ideological cyber group tied to Russia’s war

Europol reported that between 14 and 17 July, authorities from 12 countries launched Operation Eastwood. Europol and Eurojust coordinated the joint crackdown. The effort reportedly dismantled major parts of the pro-Russian cyber army’s infrastructure, including hundreds of systems.

The network, NoName057(16), had attacked Ukraine and NATO member states. It used distributed denial-of-service (DDoS) attacks to flood websites and services with traffic. These cyber strikes targeted public services, including defense, government, energy, and financial infrastructure.

Germany issued six arrest warrants for suspects based in Russia. Two are accused of leading the group’s activities. Spain issued another arrest warrant. France and Spain also reported one arrest each. All suspects are internationally wanted.

Authorities carried out 24 house searches and questioned 13 individuals across Europe. In Spain alone, 12 searches took place. Investigators also notified over 1,000 individuals believed to support the cyber group. Fifteen of them were administrators.

Attacks tied to political and military events across Europe

Europol reports that the group’s cyberattacks were timed to coincide with high-profile political moments. In Germany, authorities experienced 14 separate attack waves since November 2023, affecting more than 250 institutions. Targets included arms factories, energy companies, and government agencies.

Other attacks struck during the European elections. Swedish government and banking websites were affected. In Switzerland, NoName057(16) launched attacks in June 2023, during a speech by Ukraine’s president to the Joint Parliament. Another wave occurred in June 2024 during the Peace Summit for Ukraine at Bürgenstock.

The most recent attack linked to the group targeted the NATO summit held in the Netherlands in June 2025. Europol notes that although the attacks caused disruption attempts, none led to substantial outages.

Recruitment tactics built on crypto rewards and gamified propaganda

Europol identifies NoName057(16) as an ideological cyber network that operated without formal leadership. The group recruited mostly Russian-speaking sympathizers, many with little technical knowledge. Its structure relied heavily on gamified propaganda and incentives.

Volunteers received cryptocurrency payments and recognition through online shout-outs, badges, and leaderboards. Europol notes this method especially appealed to younger users who felt emotionally involved in Russia’s political narratives.

The group used pro-Russian forums, messaging apps, and gaming channels to recruit and coordinate. Europol says it also developed its own botnet made up of several hundred servers. These were used to amplify DDoS attacks against selected targets.

To simplify participation, NoName057(16) distributed guides and tools like DDoSia. Europol also launched a prevention campaign warning suspected supporters of their criminal liability, delivered via the same communication platforms.

 

You could close this page. Or you could join our community and help us produce more materials like this. We keep our reporting open and accessible to everyone because we believe in the power of free information. This is why our small, cost-effective team depends on the support of readers like you to bring deliver timely news, quality analysis, and on-the-ground reports about Russia's war against Ukraine and Ukraine's struggle to build a democratic society. Become a patron or see other ways to support
❌
❌