A Russian affiliated hacker group dubbed NoName057(16) has launched DDoS attacks against websites linked to the 2023 Czech presidential election.
According to a Check Point research report, the group active since March 2022, executed distributed denial of service (DDoS) attacks against the Czech websites on January 11, 2023, just two days before the election day.
“The group posted on their Telegram channels that their reason for the attacks was that 4,000 Ukrainian soldiers were expected to be trained at the Libavá military training ground in the Czech Republic, and therefore they decided to ‘participate’ in the Czech elections,” Check Point wrote in a blog post.
The group continued to take down an election program website Watchman of the State organization and the Czech Statistical Office and Ministry of Foreign Affairs website in the following days.
Czech Republic authorities soon thereafter confirmed the attacks.
According to the report, NoName057(16) mainly operated via a Russian-language Telegram channel with 20,000 members. A similar English channel dubbed DDosia Projects run by volunteers act on their behalf.
“Activities are incentivized as NoName057(16) offers cash rewards to the sub-groups that volunteer, starting at 20,000 rubles ($290) and going up to 80,000 rubles (approximately $1150),” Check Point added.
The cybercriminal groups also used GitHub to host DDoS tools tied to the operation before the pages were taken down by Github.