An international law enforcement operation, dubbed ‘Operation Eastwood,’ has successfully disrupted the activities of the pro-Russian cybercrime network known as NoName057(16). The operation, coordinated by Europol and Eurojust, targeted the group’s infrastructure, which was allegedly used to carry out a series of Distributed Denial-of-Service (DDoS) attacks. The victims of these attacks were primarily entities in Ukraine and countries that have shown support for Ukraine, including many EU Member States. The group’s targets were diverse and included government institutions, critical infrastructure, and private companies, with the attacks allegedly timed to coincide with significant political events to maximize their disruptive impact.
NoName057 is described as a pro-Russian hacktivist group that emerged after the start of the full-scale invasion of Ukraine. The group allegedly operated by recruiting Russian-speaking sympathizers through online channels and social media. They are accused of using gamified manipulation and cryptocurrency rewards to incentivize supporters to participate in their DDoS campaigns, which aimed to overwhelm their targets’ websites and online services with a flood of internet traffic. The group allegedly used a tool called ‘DDoSia’ to coordinate these attacks, leveraging a network of supporters to amplify their impact.
The global operation involved law enforcement and judicial authorities from twelve countries, including the United States. The coordinated action led to the disruption of over one hundred computer systems and the takedown of a significant part of the group’s central server infrastructure. Law enforcement authorities conducted 24 house searches, questioned 13 individuals, and made two arrests. In a significant development, authorities have issued seven international arrest warrants and have now publicly identified five key fugitives on Europol’s ‘Most Wanted’ list. The individuals sought are Andrey Muravyov, Maxim Lupin, Olga Evstratova, Mihail Evgeyevich Burlakov, and Andrej Stanislavovich Avrosimow. While the group’s main activity was DDoS attacks, the provided information does not mention any specific data leaks.
