Spanish police arrested three suspected members of the pro-Russian hacker group NoName057(16), known for carrying out distributed denial-of-service (DDoS) attacks against Ukraine’s allies.
Spain’s Civil Guard announced on Saturday that they searched the suspects’ apartments in the towns of Manacor, Huelva and Seville, seizing devices and “other evidence.”
The three alleged NoName members are suspected of their involvement in DDoS attacks against public institutions and strategic sectors in Spain and other NATO countries that support Ukraine. The attacks work by flooding targeted websites with junk traffic, making them unreachable.
NoName057(16) was established at the onset of Russia’s invasion of Ukraine in 2022 and has become known for orchestrating relatively simple and short-lived DDoS attacks with the help of hundreds of volunteers. The group’s targets mostly include European countries such as Poland, Czechia, Lithuania and Italy.
What’s special about NoName, according to Spanish police, is that for their operations, they mostly use a custom DDoS attack toolkit called DDoSia.
Researchers previously told Recorded Future News that tools like DDoSia make attacks more accessible to individuals who aren’t professional hackers but want to make money or get involved in cyber warfare from the comfort of their own homes.
Spanish law enforcement called NoName hackers “one of the most active groups” attacking Ukraine and its allies since Russia’s invasion.
The police haven’t revealed any details about the suspects and said that the investigation into the case is still ongoing and that they are trying to identify other members of the gang.
NoName hasn’t admitted if its members were indeed detained but called the actions of the Spanish police “a witch hunt.”
“Any EU resident can get into the millstones of police lawlessness. Most likely, this happened to the above-mentioned detainees,” the hackers wrote.
“The EU and US authorities are afraid of us like hell — for several years we have been causing enormous damage to all sponsors of the Zelensky criminal regime around the clock,” NoName said in a statement on Monday. “But we cannot be destroyed or intimidated. Our cyber army is growing by the hour, day by day.”
The hackers also claimed that they would launch “a massive cyberattack against the Spanish internet infrastructure” and called on its allies to join. “There will be even more of us, we will do justice and bring the truth to people to the bitter end,” they added.
Later on Monday, the group published a list of victims in Spain who were allegedly attacked, including websites of the city of Valencia and several local port websites. At the time of writing, most of the listed websites are unavailable.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
