Operation Eastwood: Europol Leads Massive Global Crackdown on Pro-Russian Cybercrime Group NoName057(16)
Ddos 
In a sweeping international effort dubbed Operation Eastwood, Europol and Eurojust, alongside law enforcement from 12 countries, have struck a significant blow against the pro-Russian cybercrime group NoName057(16). The operation, executed between 14 and 17 July, marks one of the most coordinated cyber crackdowns in recent years.
NoName057(16) has gained notoriety for its distributed denial-of-service (DDoS) attacks targeting NATO nations, with a particular focus on countries supporting Ukraine in its defense against Russia’s aggression. According to the Europol press release, the group has a support base of over 4,000 individuals and operates using a unique blend of gamified recruitment, cryptocurrency incentives, and ideological propaganda.
“Operating without formal leadership or sophisticated technical skills, they are motivated by ideology and rewards,” Europol explains.
Recruitment drives ran through pro-Russian Telegram groups, forums, and gaming communities. Volunteers were encouraged via badges, leaderboards, and crypto rewards, crafting a dark fusion of cyberwarfare and gamified manipulation aimed at radicalizing youth.
Authorities from countries including France, Germany, Spain, the U.S., Poland, and Sweden conducted simultaneous raids, searches, and seizures leading to the following outcomes:
- 2 arrests (France and Spain)
- 7 arrest warrants issued (6 by Germany, 1 by Spain)
- 24 house searches across Europe
- 13 individuals questioned
- Over 1,000 NoName057(16) supporters notified of legal consequences
- More than 100 servers taken offline, disrupting the group’s core botnet infrastructure
- Central server infrastructure dismantled
NoName057(16)’s fingerprints are linked to multiple high-profile cyberattacks:
- In Germany, over 250 companies and institutions were attacked across 14 waves of attacks since November 2023.
- In Switzerland, attacks were synchronized with Ukrainian video addresses to the Parliament and during the Peace Summit at Bürgenstock.
- In the Netherlands, DDoS attacks coincided with the NATO summit, showcasing their intent to disrupt democratic and diplomatic processes.
“These attacks have all been mitigated without any substantial interruptions,” Europol states.
Related Posts:
- NoName057(16): Russia’s DDoS Disruptors Target the West
- Pro-Russian Hacktivists Escalate 2025 Cyber Offensive: Targeting Western Critical Infrastructure & ICS
- Pro-Russian Threat Actors Launch Coordinated DDoS Attacks Against Japanese Organizations
- Europol Leads Global Crackdown on LockBit Ransomware Syndicate
- YouTube’s Ad Blocker Crackdown Intensifies: No More Free Rides!
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
