In a series of cyber attacks on media, the NoName hacker collective has targeted the online portal Alfa, owned by the Lithuanian media and the portal of an ongoing media project, “Lithuania in a Week”.
The alleged cyber attacks on Lithuania targeted two online businesses to halt the spread of what the hackers called “Russophobic statements and publications.” Evidence of the attacks can be found in the reports from check-host.net.
The Cyber Express attempted to contact the affected parties for further information on the cyber attacks on Lithuania, but technical difficulties prevented any communication. Both websites were down at the time of writing, and communication channels were limited.Â
NoName hacking group launches cyber attacks on Lithuania
These incidents are part of a series of disruptive activities carried out by various threat actors in the European region, with several groups advocating for Pro-Russian agendas.
The National Cyber Security Centre (NKSC) of Lithuania has recently recorded two cyber incidents involving the broadcasting of disinformation on a regional radio station and in a shopping center following a hacking incident related to a music streaming service.
The NKSC reported that both incidents were quickly detected, and the illegal broadcasts were stopped. The center has launched investigations into the incidents and has informed the police and other relevant authorities. While the contents of the disinformation were not disclosed, it is believed to have targeted NATO and arms supplies to Ukraine.
In addition to these incidents, DDoS attacks affected various websites and transport apps in Vilnius. Liudas Ališauskas, the head of NKSC, stated that the country was experiencing targeted DDoS attacks. The m.ticket system and the GoVilnius.lt website were specifically impacted.
Cyber attacks on Lithuania posts data breaches in Ukraine
Apart from these two cyber attacks on Lithuania, on July 3, 2023, Ukrainian banks became the target of the NoName hacking group with Pro-Russian affiliations. The Russian-linked hacktivist group has been launching a relentless campaign against Ukraine’s financial sector.
Using DDoS attacks as their primary method, the group targeted central Ukrainian banks, including First Ukrainian International Bank (PUMB), State Savings Bank of Ukraine (Oshchadbank), Credit Agricole Bank, and Universal Bank.
NoName hacking group, the pro-Russian hacking conglomerate responsible for these attacks, aimed to disrupt Ukraine’s online banking infrastructure. They targeted bank websites, authorization services, login portals, customer service systems, and loan processing services.
The Cyber attacks on Lithuania were conducted following the gang’s announcement on their encrypted Telegram channel.
NoName upgrades its attack mechanism
Prior to launching these cyber attacks on Lithuania, the NoName DDoSia Project reportedly received an upgrade, incorporating a new security mechanism to conceal the list of targets. Security researchers at Sekoia analyzed an updated version of the DDoSia attack tool developed and utilized by the group.
The tool was employed in attacks against Ukraine and NATO countries, including Lithuania, Poland, the Czech Republic, and Latvia. Additionally, France, the United Kingdom, Italy, Canada, and other EU countries were targeted politically, militarily, and economically due to their support for Ukraine.
DDoSia relies on NoName’s Telegram channels for communication, including a channel in Russian with over 45,000 subscribers and an English channel.
Interested users can join the group through the link provided and access seven different channels. Initially written in Python, the tool was updated to a version written in Golang and released on April 19, 2023. This latest version includes an additional security mechanism to conceal the target list.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
