Hackers supporting Russia forced to cease server operations
In a significant move against cybercrime, an international operation codenamed **Operation Eastwood** was launched to dismantle the activities of the pro-Russian hacker group **NoName057(16)**[1][2][3]. Coordinated by Europol, Eurojust, and law enforcement agencies from 12 countries, including Germany, the operation aimed to disrupt the group’s infrastructure and halt their cyberattacks.
### The Activities of NoName057(16)
Since early 2022, NoName057(16) has conducted a series of **distributed denial-of-service (DDoS) attacks** on over 250 targets across Germany and other European countries, as well as NATO member states[1][2][3]. The group targeted critical infrastructure such as government agencies, banks, and entities involved in political events, causing disruption and aiming to influence decisions.
### Support Network and Methods
The hacker group mobilized an estimated 4,000 supporters, recruited through Telegram channels, forums, and messaging apps[1][2]. They used the open-source DDoSia platform and a botnet consisting of several hundred servers to scale up attacks. The group employed gamification techniques, including leaderboards, badges, and cryptocurrency rewards, to incentivize participation and maintain engagement[1][2].
### International Action and Impact
Operation Eastwood involved the disruption of over 100 servers hosting NoName057(16)'s infrastructure and the execution of 24 house searches across multiple countries[1][2][3]. There were two arrests (one each in France and Spain) and seven European arrest warrants issued, with six warrants issued by Germany targeting individuals believed to reside in Russia, including two suspected primary operators of the group[1][2][3].
Authorities sent warnings via Telegram to over 1,100 participants and 17 administrators about their legal responsibility[2][3]. Despite disruption, law enforcement officials acknowledge that the group’s core operators being in Russia likely means the group may rebuild its infrastructure, and new attacks continue to be announced by the group[3].
### Impact on Germany and NATO
Germany faced the heaviest impact, with at least 14 attack waves affecting around 230 organizations such as arms factories, power suppliers, and government bodies[1][3]. NATO member countries and allies supporting Ukraine were frequently targeted, including Sweden, Switzerland, the Netherlands, and others[1][2][3]. While the attacks caused disruption, most were mitigated without major operational failures[2].
In conclusion, the international law enforcement response through Operation Eastwood dealt a significant blow to NoName057(16) by dismantling a large portion of their infrastructure and apprehending key members. However, with leadership suspected to remain in Russia, the threat is expected to persist despite recent setbacks[1][2][3].
- The dismantling of NoName057(16) was a crucial step in protecting the general-news landscape, as the group had conducted DDoS attacks on entities involved in political events.
- Law enforcement agencies, working on Operation Eastwood, managed to seize control of several hundred servers used in technology-based crimes by NoName057(16), highlighting the importance of cybersecurity in the crime-and-justice sphere.
