An international law enforcement initiative, known as “Operation Eastwood,” has successfully disrupted the infrastructure and members of the pro-Russian hacktivist group NoName057(16), infamous for orchestrating distributed denial-of-service (DDoS) attacks across Europe, Israel, and Ukraine. This operation, led by Europol and Eurojust, saw cooperation from law enforcement agencies in twelve countries and was executed on July 15, 2025.
NoName057(16) emerged in March 2022 amid the ongoing war in Ukraine, utilizing Telegram channels and the DDoSia project to crowdsource attacks through volunteers’ computers. The group has targeted organizations and critical infrastructure deemed supportive of Ukraine, including NATO sites, government bodies, banks, and media outlets.
According to Europol, the operation resulted in the disruption of essential services across several nations, including Germany, Poland, and the Nordic countries. The targeted DDoS attacks have caused significant interruptions in operations for various sectors including arms manufacturers, energy suppliers, and governmental institutions, with a particular focus on the European elections and high-profile events like the NATO Summit.
During Operation Eastwood, law enforcement undertook searches in multiple countries, including Germany, Latvia, and Spain, leading to the disabling of over one hundred servers associated with the group’s operations. Authorities reported two arrests—one in France and another in Spain—and issued seven European arrest warrants, mostly targeting individuals believed to be residing in Russia. Experts warn that the core members of NoName057(16) may quickly recuperate, as the group is continuing to threaten new attacks against German firms.