A very good article from Sekoia.io's blog that explains in detail the NoName057(16) DDoSia Project.
DDoSia, a tool for Distributed Denial of Service attacks, is employed by the pro-Russia nationalist group NoName057(16) against critics of the Ukrainian invasion. Launched on Telegram in early 2022, NoName057(16) has amassed 45,000 subscribers on their main channel and over 10,000 on DDoSia project channels, offering cryptocurrency payments for contributors.
The article provides an in-depth analysis of the DDoSia Project. It discusses the group's activities, their communication channels, the toolkit's functionalities, and the technical aspects of the DDoSia malware. The article also examines the group's targets, including government agencies, media outlets, private companies, and its primary focus on countries critical of Russia's actions in Ukraine. Additionally, it highlights the group's efforts to enhance the security of their malware and their evolving capabilities, indicating the likelihood of further developments in the future. The article concludes by providing indicators of compromise (IoCs) for tracking DDoSia-related activities.
