NoName057(16) had carried out thousands of attacks on Ukraine and its supporters.
An international operation spanning North America and Europe has taken down a pro-Russian cybercrime group linked to thousands of attacks on Ukraine and its allies.
In recent days, law enforcement working together in 19 countries jointly dismantled the operations of cybercrime network NoName057(16), according to a statement issued by Europol on Wednesday.
The pro-Russian group, which has been operating since 2022, initially targeted Ukraine but expanded to countries across Europe. They carried out attacks on Swedish authorities and bank websites, more than 250 German companies and institutions, and on the latest NATO meeting in the Netherlands, Europol said.
The police agency said the international operation “led to the disruption of an attack-infrastructure consisting of over one hundred computer systems worldwide, while a major part of the group’s central server infrastructure was taken offline”.
Law enforcement and judicial authorities from France, Finland, Germany, Italy, Lithuania, Poland, Spain, Sweden, Switzerland, the Czech Republic, the Netherlands and the United States took simultaneous actions against offenders and infrastructure belonging to the pro-Russian cybercrime network, it said.
The group had used the Telegram messaging app to enlist more than 4,000 volunteers, who made their systems available for swamping critical institutions’ servers with so-called distributed denial of service attacks, German prosecutors said.
The premises searched included those linked to volunteers in the Telegram group, they said.
Judicial authorities in Germany issued six arrest warrants for suspects in Russia, two of them accused of being the main leaders of the group, Europol said. Five of them were identified on Europol’s Europe’s Most Wanted website.
One suspect was placed under preliminary arrest in France and another detained in Spain, Europol said. The Paris prosecutor’s office said one person is in custody in France and communications equipment has been seized. No charges have yet been filed. In the United States, the Federal Bureau of Investigation was involved in the operation.
The attorney general’s office in Switzerland, which is not an EU member country, said in a statement on Wednesday that joint investigations between Europol and Swiss federal police helped identify three leading members of the group, which is alleged to have targeted more than 200 Swiss websites.
Swiss prosecutors opened a criminal case over the incidents in June 2023, and since then, identified several other denial-of-service attacks attributed to the activist group. The attacks included a video address by Ukrainian President Volodymyr Zelenskyy to the Swiss parliament and the popular Eurovision Song Contest, held in Basel earlier this year.
In recent years, the collective, known for promoting Russian interests, has allegedly carried out successful cyberattacks in Ukraine and on government, infrastructure, banking, health services and telecom websites in European countries that have opposed Russia’s invasion.
European authorities are increasingly concerned at the scale of the hybrid threats they say emanate from Russia, which is in the third year of its invasion of Western ally Ukraine.
Those threats, which have included killings and alleged bomb plots against institutions and cargo aircraft, have largely been attributed to state actors. Russia has denied the accusation.
Europol said that people recruited by the group were paid in cryptocurrency and motivated using online-gaming dynamics like leader boards and badges.
“This gamified manipulation, often targeted at younger offenders, was emotionally reinforced by a narrative of defending Russia or avenging political events,” Europol said.
https://www.aljazeera.com/news/2025/7/16/joint-global-operation-takes-down-pro-russian-hacking-group?traffic_source=rss
