Red Hot Cyber, The cybersecurity news

Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Spanish Italian
Search

Operation Eastwood: Pro-Russian hacker group NoName057(16) dismantled

Redazione RHC : 16 July 2025 14:31

As part of the investigations conducted by the Rome Public Prosecutor’s Office and coordinated by the National Anti-Mafia and Anti-Terrorism Directorate, the Postal Police has completed important investigative activities in Operation Eastwood against the pro-Russian hacker group known as “NoName057(16)”, simultaneously with similar activities in Germany, the United States, the Netherlands, Switzerland, Sweden, France, and Spain.

Since March 2022, the NONAME group has carried out thousands of attacks on government websites, public administration sites, public transport infrastructures, banking institutions, healthcare institutions, and telecommunications in several European countries.

The investigations, coordinated internationally by Eurojust and Europol, have identified numerous members of the group, revealing the identity of those behind the remote servers, Telegram accounts, and cryptocurrency payments linked to the hacker crew.

Five international arrest warrants have also been issued against five Russian nationals, two of whom are believed to be leaders of the organization. More than 600 servers in various countries were deactivated and some seized, as they constituted the criminal infrastructure from which the attacks were launched.

NONAME recruited sympathizers, distributing lists of Western targets and then claiming responsibility for the attacks through its own anonymous Telegram channels. With the DDosia Project channel, NONAME provided software to access and operate within the group.

The criminal infrastructure was structured across a central command and control level in the Russian Federation, intermediate servers dedicated to signal anonymization and trace dispersal, and thousands of computers made available to NONAME by its members for attacks.

NONAME coordinated the attacks from Russian territory, rewarding its members in cryptocurrencies. “DDOS” (Distributed Denial of Service) attacks, involving large numbers of simultaneous connections from computers to the targeted sites, were aimed at causing their collapse and temporary unusability, with significant repercussions on the provision of public services.

In Italy, investigations by the CNAIPIC, together with the Postal Police Operations Centers of Piedmont, Lombardy, Veneto, Friuli-Venezia Giulia, Emilia-Romagna, and Calabria, led to the identification of 5 individuals, believed to be members of the group having carried out attacks on national and European infrastructures.

The Rome Public Prosecutor’s Office issued search warrants against them, which were executed by the same offices. Other positions are also being examined. It is emphasized that those under investigation and who are being prosecuted are presumed innocent until their guilt has been legally established by a final judgment.

Overall Results of Operation Eastwood

  • 2 arrests (1 preliminary arrest in France and 1 in Spain)
  • 7 arrest warrants issued (6 from Germany and 1 from Spain)
  • 24 house searches (2 in the Czech Republic, 1 in France, 3 in Germany, 5 in Italy, 12 in Spain, 1 in Poland)
  • 13 people interviewed (2 in Germany, 1 in France, 4 in Italy, 1 (in Poland, 5 in Spain)
  • Over 1,000 supporters, including 15 admins, have been notified of their legal liability via a messaging app
  • Over 100 servers down worldwide
  • Most of NoName057(16)’s core infrastructure has been taken offline

Countries Participants

  • Czech Republic – National Agency for Counterterrorism, Extremism and Cybercrime
  • Finland – National Bureau of Investigation (NBI)
  • France – National Cybersecurity Unit of the National Gendarmerie, Paris Public Prosecutor’s Office – National Jurisdiction against Organized Crime (JUNALCO)
  • Germany – Federal Criminal Police Office (Bundeskriminalamt), Frankfurt am Main Public Prosecutor’s Office – Cybercrime Center
  • Italy – State Police (Polizia di Stato)
  • Lithuania – National Police
  • Netherlands – National Police (Politie), Public Prosecutor’s Office
  • Poland – Central Cybercrime Office
  • Spain – Guardia Civil, National Police (Policía Nacional)
  • Sweden – Polisen
  • Switzerland – Federal Office of Police fedpol and Office of the Attorney General of Switzerland (OAG)
  • United States – Federal Bureau of Investigation

Support countries

  • Belgium
  • Canada
  • Denmark
  • Estonia
  • Latvia
  • Romania
  • Ukraine

Participating EU agencies

  • Europol
  • Eurojust
  • ENISA

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli
Categories
Banner
Redhotcyber is an open-news project that was launched in 2019 and subsequently expanded into a network of individuals collaborating to disseminate information and topics focused on technology, Information Technology, and cybersecurity. Its goal is to increase risk awareness among an ever-growing number of people.

Editorial board : [email protected]

Facebook Linkedin Youtube Telegram Twitter Pinterest Tumblr