NoName Hacker Group Targets Italian Banks

5 Aug 2023

This blog is also accessible in: Hebrew language.

The ACN, the Italian authority responsible for Cybersecurity, disclosed that numerous prominent Italian banks experienced an involuntary shutdown due to a DDoS assault (where hackers try to overload a network with an abnormally huge amount of data traffic, consequently causing it to malfunction). The pro-Russian hacker collective named NoName has been accused of this incident. On their Telegram channel, NoName asserts that the series of attacks commenced during Tuesday morning.

Photo i-hls.com

According to the information posted by the ransomware gang, some of the organizations that fell victim to their attack were Banca Monte dei Paschi di Siena, Che Banca, and Fideuram. It's worth noting that Fideuram operates as a subsidiary of Intesa Sanpaolo, which is recognized as the leading bank in Europe and the second-largest globally, as stated on their official website.

ACN announced that it discovered the revival of Distributed Denial of Service assault campaigns conducted by the pro-Russian organization towards important national institutions. However, an undisclosed insider at one of the banks that were targeted claimed that the disturbance was brief and that customers were still able to complete transactions using the bank's mobile application.

As per the report by Cybernews, an infamous hacker group with pro-Russian motives initiated their attacks on Italy starting from July 31st. It appears that NoName is greatly discontented regarding a recent gathering between Italy's Prime Minister Giorgia Meloni and US President Joe Biden, during which they conversed about the conflict transpiring in Ukraine.

NoName shared a comment stating, "The admiration for the Ukronazi figure persists in Western countries with strong negative feelings towards Russia... And we want to reiterate to the Italian authorities, who hold strong anti-Russian sentiments, that we are closely watching these actions."

During the period of their operations, NoName rose to prominence as a significant cyber threat during the early stages of the Russian invasion of Ukraine. Initially, their targets were primarily within the Ukrainian banking sector, but they have since redirected their efforts towards NATO member nations that are supportive of Ukraine. Very recently, they carried out cyber attacks on essential infrastructure in Poland, Denmark, and Lithuania, along with targeting the French parliament, as well as Switzerland's financial and aviation industries. Additionally, they have also launched attacks on major European ports located in Italy, Germany, Spain, and Bulgaria.

Moreover, in January 2023, NoName was offering digital currency rewards to volunteer hackers in return for participating in the group's DDoS assaults.