A coordinated global law enforcement effort has taken down key elements of a pro-Russian cybercrime network responsible for a wave of distributed denial-of-service (DDoS) attacks against Ukraine and its allies, according to Europol, the European Union’s law enforcement agency.
Dubbed Operation Eastwood, the crackdown targeted the hacker group known as NoName057(16). Dutch authorities had previously identified the group as being behind a series of cyberattacks on municipal websites and organizations connected to a NATO summit in the Netherlands.
Europol revealed that this cybercriminal group had also carried out attacks in Germany, Sweden, and Switzerland.
The operation successfully disrupted the group’s global infrastructure, which involved over 100 computer systems. A large portion of the group’s core servers has also been taken offline, Europol said in its statement.
Law enforcement and judicial bodies from 13 countries — including France, Finland, Germany, Italy, Lithuania, Poland, Spain, Sweden, Switzerland, the Czech Republic, the Netherlands, and the United States — coordinated simultaneous actions against both the group’s members and its infrastructure.
German authorities issued six arrest warrants for suspects based in Russia, including two individuals believed to be leading figures in the organization. Five of these suspects were listed on Europol’s “Europe’s Most Wanted” database.
Meanwhile, one individual was provisionally arrested in France, and another suspect was taken into custody in Spain. The FBI played a role in the U.S. leg of the operation, Europol confirmed.
In France, prosecutors reported that one suspect is currently in custody and communications equipment has been seized, though formal charges have not yet been brought.
Switzerland, though not a member of the EU, was also actively involved. Swiss federal prosecutors said that joint investigations with Europol and local law enforcement had helped identify three top members of the NoName057(16) group. The group is suspected of carrying out over 200 attacks on Swiss websites.
Swiss prosecutors began their investigation in June 2023 after a series of DDoS incidents, including one that disrupted a video speech by Ukrainian President Volodymyr Zelenskyy to the Swiss parliament and another that affected the Eurovision Song Contest held in Basel earlier this year.
Europol noted that the cybercriminal group initially focused on Ukrainian institutions, but later shifted to targeting NATO countries and other supporters of Ukraine’s defense against Russia’s invasion.
Authorities in the participating countries also reached out to hundreds of individuals suspected of supporting the group to inform them about the crackdown and their potential legal responsibility.
According to Europol, the group’s members are mostly Russian-speaking sympathizers using automated tools to launch DDoS attacks. Though lacking in formal leadership or advanced technical skills, their actions are driven by ideological motives and financial incentives.
Recruits were often paid in cryptocurrency and enticed using online gaming elements such as leaderboards and digital badges — a strategy aimed especially at younger individuals. Europol described this method as “gamified manipulation,” emotionally reinforced with messages portraying the group’s activities as defending Russia or retaliating against political events.
Also Read:
US judge says China’s Huawei Technologies must face criminal case for racketeering and other charges
Republicans Weigh Modifications to Trump’s $9.4 Billion Spending Cut Proposal
