Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16) . According to what was declared directly by the collective, our country has suffered 487 cyber attacks between October 2024 and January 2026, placing it in third place among the most affected nations, after Germany and France.
This data emerges from a post published on the official Telegram channel of NoName057(16) , in which the group relaunches information taken from a report by the monitoring company DarkWebSonar . In the message, the collective claims incessant and systematic activity, openly defining itself as the “king of daily DDoS terror”.
According to the post, NoName057(16) has conducted over 5,500 confirmed DDoS attacks in just over a year, with a particularly high average in recent months: 894 attacks in the last 90 days . These numbers, if confirmed, describe one of the most extensive and persistent DDoS campaigns ever observed in the European hacktivist landscape.
In the message posted on Telegram, Italy is explicitly named among the group’s “main victims.” The tone is openly propagandistic : national flags, numerical counts, and slogans are used to reinforce the narrative of a coordinated, ongoing, and, according to the authors, unstoppable operation.
The post is not limited to numbers. NoName057(16) also frontally attacks the European institutions, referring to Europol’s Operation Eastwood , which it has bluntly defined as a failure. According to the group, despite the counter-actions by law enforcement, their operational capacity has not been affected in the slightest.
A particularly significant passage of the message concerns the collective’s self-definition as “the new standard of resilient hacktivism”. NoName057(16) claims its operational continuity, contrasting itself with groups considered ephemeral or disorganized, and underlines that it strikes “every day, like clockwork”.
From an Italian perspective, the 487 DDoS attacks represent a significant warning. While this type of attack doesn’t necessarily lead to data breaches or serious compromises, the impact on online services, institutional portals, and digital infrastructures can be significant, especially if repeated over time.
Even if a DDoS attack doesn’t directly compromise systems or steal data, it poses a huge problem within cybersecurity departments. Managing a continuous and often unpredictable flow of malicious traffic becomes a real operational challenge, difficult to contain over time . Analysts are forced to monitor, filter, and respond nonstop , transforming DDoS attacks into a prolonged stress on defense structures, rather than a simple technical incident.
The NoName057(16) case highlights once again how the low-intensity cyber-conflict front is now stable and continuous. The use of Telegram as a communication megaphone is not accidental: the channel becomes an integral part of the operation, an instrument of psychological and media pressure as well as technical.
While waiting for independent confirmation of the numbers released by the group, one fact remains clear: Italy is firmly on NoName057’s radar(16), and the persistence of these attacks demonstrates how DDoS continues to be a simple, cheap and still extremely effective weapon in the panorama of contemporary cyber threats.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
