
DDoSia project

The DDoSia project is a Distributed Denial of Service (DDoS) attack toolkit, developed and used by the pro-Russia nationalist hacktivist group NoName057(16) against countries critical of the Russian invasion of Ukraine. The DDoSia project was launched on Telegram in early 2022 and has reached over 10,000 users.

Sekoia.io’s TDR analysts have published a new blogpost in which they provide a detailed and technical analysis of the DDoSia project by NoName057(16). The blogpost:

  • Explains in detail how the DDoSia project works and how it communicates using various channels like Telegram.
  • Provides a step-by-step guide on how to execute the sample and analyze the targets.
  • Offers an analysis of the network interactions carried out between the client and the C2 servers.
  • Shows reverse engineering techniques used by TDR analysts to decrypt encrypted data in order to identify targets, including Ukraine and NATO countries. A list of indicators of compromise (IoC) is also available at the end of the blogpost.

To read more about NoName057(16) TTPs and targets: https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/

Feel free to discover other glossary terms and read other TDR analyses here:

 

Other Terms

Calisto (COLDRIVER)

Calisto is a reputed threat actor close to Russia and also known as COLDRIVER.

APT (Advanced Persistent Threat)

APT (Advanced Persistent Threat) is a sophisticated attack on an organization that can take months to identify and remove. It is also used as a term for malware designed to steal information from a targeted organization.
