Swedish & Ukrainian Organizations Attacked By NoName


The list of Ukrainian organizations attacked by NoName continues to expand. In the latest move, the pro-Russian hacker group has launched cyberattacks on several government and armed forces websites from Ukraine and Sweden.

Cybersecurity researchers from FalconFeedsio posted screenshots of the cyberattacks. The Ukrainian organizations attacked by NoName included the Portal of Security Service of Ukraine and the website of the Ministry of Energy.

Ukrainian organizations attacked by NoName

The NoName group posted screenshots of the websites it targeted on its leak site as shown below:

Image
(Photo: FalconFeedsio)

Among the recent names added to its victim list, NoName included two Sweden websites — The Swedish Armed Forces and the Swedish Parliament websites.

Swedish & Ukrainian Organizations Attacked By NoName
Ukrainian Organizations Attacked by NoName
(Photo: FalconFeedsio)

The website of the Security Service of Ukraine, the main intelligence and security agency of the Ukrainian government, was inaccessible at the time of publishing this report.

So was the website of the National Academy of the Security Service of Ukraine. The academy imparts legal and cybersecurity training among others.

However, the website of the Ministry of Energy of Ukraine was accessible, and showed no signs of a DDoS attack. It is the nation’s prime body that oversees the work in relation to electric power generation, nuclear-industrial, and oil-gas complexes.

The website of the city of Kyiv was also accessible at the time of writing. Suggesting that not all the launched cyberattacks were successful. The Cyber Express contacted the public relations department, but is yet to receive a reply.

The Bratstvo party website of a Ukrainian political party was next on the list of the Ukrainian organizations targeted by NoName. The website of Bratstvo was accessible at the time of writing.

The portal for the train schedule of Kyiv city was unreachable at the time of writing. All of these are the latest in the long list of Ukrainian organizations attacked by NoName. It expands exponentially when other European targets are added.

Among the Swedish targets was the website of the Swedish armed forces which is headquartered in Stockholm. The website of the Swedish Parliament was last on the list of victims of the NoName hacker group. Both websites were accessible at the time of writing.

NoName, Ukraininan organisations, and beyond

NoName has been targeting several nations’ government and defense force websites, which showed support to Ukraine in the Russo-Ukrainian war. It is an unorganized group that targets vulnerable systems of organizations with malware called Bobik.

European nations such as Germany, Italy, and Sweden, NATO organizations, as well as businesses and public entities in these countries were free game for the threat group.

Dubbed NoName057(16) by researchers, the threat group has been active since the early days of the war in Ukraine, and has since conducted a range of high-profile attacks on various targets.

Most recently, the group disrupted services across the financial sector of Denmark, highlighting the potential risks that cyberattacks pose to critical infrastructure.

Apart from the Ukrainian organizations attacked by NoName, the greatest hits in the threat group’s playlist were businesses and organizations in Poland, Lithuania, and other countries.

A notable attempt started on January 11, when NoName reportedly began targeting the websites of candidates in the upcoming 2023 Czech presidential election, reported cybersecurity firm SentineOne.

“Initial attacks focused on Ukrainian news websites, while later shifting to NATO associated targets,” said the SentinelOne report.

“For example, the first disruption the group claimed responsibility for were the March 2022 DDoS attacks on Ukraine news and media websites Zaxid, Fakty UA, and others. Overall the motivations center around silencing what the group deems to be anti-Russian.”

Despite the group’s efforts to remain anonymous, researchers at SentinelLabs have identified several tools and tactics used by NoName057(16) to carry out their attacks.

These include public Telegram channels used for communication, a volunteer-fueled DDoS payment program, a multi-OS supported toolkit, and GitHub, among other methods.





Source link