Joannenova.com.au (Jo Nova Blog)
April 19, 2025
•[ ddos, hacktivism ]
Joannenova.com.au, an independent Australian blog run by science commentator Jo Nova, reported a distributed denial-of-service (DDoS) attack beginning around Easter Saturday (April 19 2025). The site, known for climate-skeptic and political commentary, was flooded by traffic from hundreds of thousands of IPs mainly in China, the USA, Brazil, and Europe, causing intermittent outages for about two weeks. The politically charged nature of the site suggests a hacktivist protest motive.
Russian Railways (RZhD)
April 19, 2025
•[ denial of service, hacktivism ]
The IT Army of Ukraine conducted a distributed denial-of-service attack on Russian Railways national ticketing and logistics platforms on April 19 2025, temporarily paralyzing access across multiple regions; service was restored the same day.
TickChak (external ticketing platform used by IDF units)
April 16, 2025
•[ data leak, hacktivism ]
A hacktivist using the alias Persian Prince accessed and leaked data from TickChak, an Israeli ticketing platform reportedly used by IDF units. The leak, publicized on April 16 2025, exposed personal details of tens of thousands of soldiers, including names, national ID numbers, and phone numbers. No ransom or sale was reported; the data was posted publicly to protest Israeli military actions.
Finnish Parliamentary Parties
April 8, 2025
•[ ddos, hacktivism ]
Pro-Russian hacktivist group NoName057(16) conducted DDoS attacks against websites of Finnish parliamentary parties, temporarily disrupting access for several hours.
Caisse Nationale de Sécurité Sociale (CNSS)
April 8, 2025
•[ data leak, hacktivism ]
Moroccos CNSS confirmed a major data breach claimed by the hacktivist group Jabaroot. The attackers accessed and leaked millions of social-security records belonging to private-sector employees and companies. CNSS stated no operational disruption or encryption occurred.
Kaukokiito
April 8, 2025
•[ denial-of-service, hacktivism, logistics ]
NoName057(16) carried out denial-of-service attacks against Kaukokiitos website, briefly disrupting logistics service access in Finland.
Czech Government – Prime Minister’s X (Twitter) Account
April 8, 2025
•[ account takeover, hacktivism, disinformation ]
On April 8 2025, hacktivists compromised the official X account of Czech Prime Minister Petr Fiala and posted fabricated messages about Russian attacks and U.S. tariffs in protest of Czech government policies. Authorities confirmed the intrusion, removed the posts, and restored control within hours. No data theft or encryption occurred.
OP Group
April 8, 2025
•[ ddos, hacktivism ]
Pro-Russian hacktivist group NoName057(16) launched DDoS attacks against OP Group, causing temporary disruption of online banking services in Finland.
Panostaja Oyj
April 8, 2025
•[ ddos, hacktivism ]
NoName057(16) hacktivists targeted Panostaja Oyjs website in a politically motivated DDoS campaign linked to Finlands ceasefire proposal on Ukraine, causing brief outages.
Taaleri Plc
April 8, 2025
•[ denial-of-service, hacktivism ]
Taaleri Plcs public website experienced temporary unavailability after a denial-of-service attack by pro-Russian hacktivist group NoName057(16) on April 8 2025.
Finnish election information portal (vaalit.fi)
April 8, 2025
•[ ddos, hacktivism, service disruption ]
Pro-Russian hacktivist group NoName057(16) carried out a DDoS attack against Finlands official election information site vaalit.fi on April 8 2025, temporarily preventing public access.
Finnish polling-place portal (äänestyspaikat.fi)
April 8, 2025
•[ DDoS attack, hacktivism, protest ]
On April 8 2025, NoName057(16) targeted Finlands polling-place website nestyspaikat.fi with a DDoS attack linked to protests over Ukraine policy, briefly disrupting voter-information access.
Bremanger Kraft AS
April 7, 2025
•[ hacktivism, unauthorized access, industrial control systems ]
On April 7 2025, hacktivists accessed a web-exposed control interface for Bremanger Kraft ASs hydroelectric dam in western Norway and opened a valve releasing 500 L/s of water for four hours; no casualties or structural damage reported; Norwegian authorities attributed the incident to pro-Russian hacktivists.
Everest Ransomware Leak Site
April 6, 2025
•[ ransomware, website defacement, hacktivism ]
The Everest ransomware groups dark web leak site was defaced on April 6 2025 by an unidentified anti-ransomware actor who replaced its content with the message Dont do crime. CRIME IS BAD. xoxo from Prague. Following the defacement, the Everest operators took the site offline. No data theft or encryption occurred.
Igra-Service
April 5, 2025
•[ DDoS, hacktivism, service disruption ]
Between April 5 and 8, 2025, the IT Army of Ukraine claimed responsibility for a DDoS operation against Russian internet provider Igra-Service in Krasnoyarsk Krai. According to reports, traffic reached up to 55 Gbit/s, disrupting internet and television access for several days and causing some collateral outages to Rostelecom networks. The action was described by participants as a protest campaign.
Moscow Metro
March 31, 2025
•[ hacktivism, disruption of service ]
Moscow subway website and app disrupted; site displayed Ukraine railway message before removal.
Belgian Government Websites
March 25, 2025
•[ ddos, hacktivism ]
Pro-Russian group claimed DDoS causing availability issues on Belgian government sites.
Lovit
March 22, 2025
•[ ddos, hacktivism ]
Ukrainian It Army claimed sustained ddos disrupting Russian Isp Lovit services.
National Iranian Tanker Company
March 21, 2025
•[ hacktivism, sabotage ]
Hacktivists Claimed Cyber Sabotage Targeting Vsat Systems On 116 Iranian Ships.
