The DDoSia project is a Distributed Denial of Service (DDoS) attack toolkit developed and used by the pro-Russia nationalist hacktivist group NoName057(16) against countries critical of the Russian invasion of Ukraine. The DDoSia project was launched on Telegram in early 2022 and has reached over 10,000 users.
Sekoia.io’s TDR analysts have published a new blog post in which they provide a detailed technical analysis of the DDoSia project by NoName057(16). The blog post:
- Explains in detail how the DDoSia project works and how it communicates using various channels like Telegram.
- Provides a step-by-step guide on how to execute the sample and analyze the targets.
- Offers an analysis of the network interactions carried out between the client and the C2 servers.
- Shows the reverse engineering techniques used by TDR analysts to decrypt encrypted data in order to identify targets, including Ukraine and NATO countries. A list of indicators of compromise (IoCs) is also available at the end of the blog post.
To read more about NoName057(16) TTPs and targets: https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/
Feel free to discover other glossary entries and read other TDR analyses here: