Finnish Parliamentary Parties
April 8, 2025
•[ ddos, hacktivism ]
Pro-Russian hacktivist group NoName057(16) conducted DDoS attacks against websites of Finnish parliamentary parties, temporarily disrupting access for several hours.
Caisse Nationale de Sécurité Sociale (CNSS)
April 8, 2025
•[ data leak, hacktivism ]
Moroccos CNSS confirmed a major data breach claimed by the hacktivist group Jabaroot. The attackers accessed and leaked millions of social-security records belonging to private-sector employees and companies. CNSS stated no operational disruption or encryption occurred.
Kaukokiito
April 8, 2025
•[ denial-of-service, hacktivism, logistics ]
NoName057(16) carried out denial-of-service attacks against Kaukokiitos website, briefly disrupting logistics service access in Finland.
Czech Government – Prime Minister’s X (Twitter) Account
April 8, 2025
•[ account takeover, hacktivism, disinformation ]
On April 8 2025, hacktivists compromised the official X account of Czech Prime Minister Petr Fiala and posted fabricated messages about Russian attacks and U.S. tariffs in protest of Czech government policies. Authorities confirmed the intrusion, removed the posts, and restored control within hours. No data theft or encryption occurred.
OP Group
April 8, 2025
•[ ddos, hacktivism ]
Pro-Russian hacktivist group NoName057(16) launched DDoS attacks against OP Group, causing temporary disruption of online banking services in Finland.
Panostaja Oyj
April 8, 2025
•[ ddos, hacktivism ]
NoName057(16) hacktivists targeted Panostaja Oyjs website in a politically motivated DDoS campaign linked to Finlands ceasefire proposal on Ukraine, causing brief outages.
Taaleri Plc
April 8, 2025
•[ denial-of-service, hacktivism ]
Taaleri Plcs public website experienced temporary unavailability after a denial-of-service attack by pro-Russian hacktivist group NoName057(16) on April 8 2025.
Finnish election information portal (vaalit.fi)
April 8, 2025
•[ ddos, hacktivism, service disruption ]
Pro-Russian hacktivist group NoName057(16) carried out a DDoS attack against Finlands official election information site vaalit.fi on April 8 2025, temporarily preventing public access.
Bremanger Kraft AS
April 7, 2025
•[ hacktivism, unauthorized access, industrial control systems ]
On April 7 2025, hacktivists accessed a web-exposed control interface for Bremanger Kraft ASs hydroelectric dam in western Norway and opened a valve releasing 500 L/s of water for four hours; no casualties or structural damage reported; Norwegian authorities attributed the incident to pro-Russian hacktivists.
Everest Ransomware Leak Site
April 6, 2025
•[ ransomware, website defacement, hacktivism ]
The Everest ransomware groups dark web leak site was defaced on April 6 2025 by an unidentified anti-ransomware actor who replaced its content with the message Dont do crime. CRIME IS BAD. xoxo from Prague. Following the defacement, the Everest operators took the site offline. No data theft or encryption occurred.
Igra-Service
April 5, 2025
•[ DDoS, hacktivism, service disruption ]
Between April 5 and 8, 2025, the IT Army of Ukraine claimed responsibility for a DDoS operation against Russian internet provider Igra-Service in Krasnoyarsk Krai. According to reports, traffic reached up to 55 Gbit/s, disrupting internet and television access for several days and causing some collateral outages to Rostelecom networks. The action was described by participants as a protest campaign.
Moscow Metro
March 31, 2025
•[ hacktivism, disruption of service ]
Moscow subway website and app disrupted; site displayed Ukraine railway message before removal.
Belgian Government Websites
March 25, 2025
•[ ddos, hacktivism ]
Pro-Russian group claimed DDoS causing availability issues on Belgian government sites.
Lovit
March 22, 2025
•[ ddos, hacktivism ]
Ukrainian It Army claimed sustained ddos disrupting Russian Isp Lovit services.
National Iranian Tanker Company
March 21, 2025
•[ hacktivism, sabotage ]
Hacktivists Claimed Cyber Sabotage Targeting Vsat Systems On 116 Iranian Ships.
X (Formerly Twitter)
March 10, 2025
•[ DDoS, service disruption, hacktivism ]
Social media platform X (formerly Twitter) suffered a massive cyberattack involving a large-scale DDoS assault that caused worldwide outages and service disruptions. The company activated additional defenses through Cloudflare to mitigate the impact. The hacktivist group Dark Storm claimed responsibility for the attack, while Elon Musk suggested possible involvement of state-sponsored actors after attack traffic was traced to IPs originating from Ukraine a claim the group denied. The disruption temporarily affected user access and platform functionality, marking one of the largest attacks against X since its rebranding.
French Institutional Websites
February 28, 2025
•[ ddos, hacktivism ]
Pro-Russian group launched coordinated ddos waves against multiple French targets.
Leonardo S.p.A.
February 21, 2025
•[ ddos, hacktivism ]
Pro-Russian hacktivist group NoName057(16) launched DDoS attacks against multiple Italian entities; on Feb 21, 2025 (Day 5) several sites including Leonardo and Edison were unreachable. ACN provided support and mitigation guidance; no data theft reported.
Italian Banks
February 21, 2025
•[ ddos, hacktivism ]
ProRussia hacktivist group NoName057 launched DDoS attacks against Italian banks (Mediobanca, Nexi, Intesa, Monte dei Paschi) in retaliation for statements by the Italian president; no significant disruption according to national cybersecurity agency
CarMoney
February 21, 2025
•[ hacktivism, data leak, unverified ]
On February 21 2025, the hacktivist group Ukrainian Cyber Alliance claimed responsibility for a cyberattack on Russian vehicle-loan firm CarMoney. The group stated it destroyed digital infrastructure and exfiltrated terabytes of borrower data, including information tied to Russian military and intelligence officers. CarMoney confirmed shutting down all systems but denied any personal data compromise. No encryption or verified data leak has been independently confirmed.
