NoName057(16) Real-Time DDoS Attack Monitoring

Detected attack on 2026-04-07_12-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 12:10:08 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom and Ukraine. The attacks include a range of sectors such as energy, government, and technology. Key countries under attack are the UK, highlighted by sites like britishgas.co.uk and poweron-uk.co.uk, and Ukraine, with targets including zp.gov.ua and mariupolrada.gov.ua. Other affected areas involve energy management and drone technology, indicating a focus on critical infrastructure and services.^{AI generated}
25 targets are under attack, 8 new targets and 17 targets from previous attack
New Targets(8): awex.com.ua, zp.gov.ua, smr.gov.ua, loga.gov.ua, www.vmr.gov.ua, adm.dp.gov.ua, www.rada-poltava.gov.ua, mariupolrada.gov.ua
Targets from prev attack(17): hinaray.com, www.poweron-uk.co.uk, nationwidedrones.co.uk, communityenergyengland.org, ukbusinessswitch.co.uk, olsenactuators.com, www.energy-uk.org.uk, www.renewableuk.com, london-drone.co.uk, thedrone.co, etendersni.gov.uk, ukerc.rl.ac.uk, nationaljourneyplanner.travelinesw.com, e.org, mysmartenergy.uk, www.britishgas.co.uk, evolvedynamics.com
Dismissed Targets(0):

Detected attack on 2026-04-07_09-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 09:10:08 +0000

Noname057(16) has targeted various websites primarily associated with the UK, particularly in the energy and technology sectors. Key countries under attack include the United Kingdom, with specific focus on organizations related to renewable energy, business switching, and drone technology. The attacks have impacted sites like RenewableUK, British Gas, and various community energy platforms.^{AI generated}
17 targets are under attack, 0 new targets and 17 targets from previous attack
New Targets(0):
Targets from prev attack(17): www.renewableuk.com, mysmartenergy.uk, ukbusinessswitch.co.uk, nationwidedrones.co.uk, e.org, communityenergyengland.org, www.britishgas.co.uk, evolvedynamics.com, thedrone.co, london-drone.co.uk, www.energy-uk.org.uk, etendersni.gov.uk, nationaljourneyplanner.travelinesw.com, www.poweron-uk.co.uk, olsenactuators.com, ukerc.rl.ac.uk, hinaray.com
Dismissed Targets(2): buckfastleigh.gov.uk, www.bristolonecity.com

Detected attack on 2026-04-07_08-35-07

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:35:07 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom, including governmental, energy, and drone-related platforms. The attacks have affected sites such as ukerc.rl.ac.uk, etendersni.gov.uk, and britishgas.co.uk, indicating a focus on critical infrastructure and public services. Other targeted domains include communityenergyengland.org and renewableuk.com, highlighting an interest in the energy sector. Additionally, sites like london-drone.co.uk and nationwidedrones.co.uk suggest a specific targeting of the drone industry. Overall, the attacks predominantly impact the UK, with a focus on energy and technology sectors.^{AI generated}
19 targets are under attack, 6 new targets and 13 targets from previous attack
New Targets(6): nationwidedrones.co.uk, hinaray.com, olsenactuators.com, thedrone.co, london-drone.co.uk, evolvedynamics.com
Targets from prev attack(13): ukerc.rl.ac.uk, ukbusinessswitch.co.uk, etendersni.gov.uk, www.energy-uk.org.uk, nationaljourneyplanner.travelinesw.com, www.poweron-uk.co.uk, www.renewableuk.com, communityenergyengland.org, buckfastleigh.gov.uk, e.org, mysmartenergy.uk, www.bristolonecity.com, www.britishgas.co.uk
Dismissed Targets(0):

Detected attack on 2026-04-07_08-30-06

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:30:06 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom, focusing on energy and governmental sectors. The attacked sites include mysmartenergy.uk, etendersni.gov.uk, and nationaljourneyplanner.travelinesw.com, among others. Key sectors affected include energy providers, local government, and community energy organizations.^{AI generated}
13 targets are under attack, 2 new targets and 11 targets from previous attack
New Targets(2): etendersni.gov.uk, nationaljourneyplanner.travelinesw.com
Targets from prev attack(11): ukerc.rl.ac.uk, mysmartenergy.uk, www.britishgas.co.uk, communityenergyengland.org, ukbusinessswitch.co.uk, buckfastleigh.gov.uk, www.bristolonecity.com, www.renewableuk.com, e.org, www.poweron-uk.co.uk, www.energy-uk.org.uk
Dismissed Targets(0):

Detected attack on 2026-04-07_08-25-07

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:25:07 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom. The attacked sites include those related to energy services and local government, indicating a focus on the energy sector and community resources. Key targets include British Gas, UKERC, and various renewable energy organizations, highlighting the group’s interest in disrupting energy-related operations and information in the UK.^{AI generated}
11 targets are under attack, 2 new targets and 9 targets from previous attack
New Targets(2): e.org, www.energy-uk.org.uk
Targets from prev attack(9): ukerc.rl.ac.uk, mysmartenergy.uk, www.britishgas.co.uk, ukbusinessswitch.co.uk, communityenergyengland.org, buckfastleigh.gov.uk, www.bristolonecity.com, www.renewableuk.com, www.poweron-uk.co.uk
Dismissed Targets(0):

Detected attack on 2026-04-07_08-20-08

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:20:08 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom. The attacked sites include local government portals, renewable energy organizations, and utility companies, indicating a focus on the UK's energy sector and local governance.^{AI generated}
9 targets are under attack, 1 new targets and 8 targets from previous attack
New Targets(1): mysmartenergy.uk
Targets from prev attack(8): buckfastleigh.gov.uk, www.poweron-uk.co.uk, www.renewableuk.com, www.bristolonecity.com, ukerc.rl.ac.uk, communityenergyengland.org, www.britishgas.co.uk, ukbusinessswitch.co.uk
Dismissed Targets(0):

Detected attack on 2026-04-07_08-15-07

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:15:07 +0000

Noname057(16) has targeted several websites primarily based in the United Kingdom. The attacked sites include local government, renewable energy organizations, and business service providers, indicating a focus on sectors related to energy and local governance. The principal countries under attack are the UK, with a clear emphasis on organizations involved in energy management and local community services.^{AI generated}
8 targets are under attack, 1 new targets and 7 targets from previous attack
New Targets(1): ukbusinessswitch.co.uk
Targets from prev attack(7): buckfastleigh.gov.uk, www.renewableuk.com, www.bristolonecity.com, ukerc.rl.ac.uk, communityenergyengland.org, www.britishgas.co.uk, www.poweron-uk.co.uk
Dismissed Targets(0):

Detected attack on 2026-04-07_08-10-07

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:10:07 +0000

Noname057(16) has targeted several websites primarily in the United Kingdom. The attacked sites include organizations related to renewable energy, local government, and energy companies, indicating a focus on the UK's energy sector and community initiatives.^{AI generated}
7 targets are under attack, 3 new targets and 4 targets from previous attack
New Targets(3): communityenergyengland.org, www.poweron-uk.co.uk, www.britishgas.co.uk
Targets from prev attack(4): buckfastleigh.gov.uk, www.renewableuk.com, ukerc.rl.ac.uk, www.bristolonecity.com
Dismissed Targets(16): www.ferrexpo.ua, aesgroup.com.ua, photopribor.ck.ua, www.malyshevplant.com, www.ukrniat.com, oneonline.bradford.gov.uk, www.morozov.com.ua, octavacapital.ua, www.keighley.gov.uk, www.blackburn.gov.uk, erc.ua, spetstechnoexport.com, www.harwichtowncouncil.co.uk, www.theaccessbankukltd.co.uk, zmturbines.com, britten-norman.com

Detected attack on 2026-04-07_08-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 07 Apr 2026 08:05:08 +0000

The attacks attributed to noname057(16) primarily target websites in Ukraine and the United Kingdom. Key Ukrainian sites include ferrexpo.ua, morozov.com.ua, and photopribor.ck.ua, reflecting a focus on local businesses and institutions. In the UK, notable targets include harwichtowncouncil.co.uk, keighley.gov.uk, and blackburn.gov.uk, indicating a broader interest in municipal and financial entities. The attacks suggest a strategic aim to disrupt services and gather intelligence from these regions.^{AI generated}
20 targets are under attack, 2 new targets and 18 targets from previous attack
New Targets(2): www.renewableuk.com, ukerc.rl.ac.uk
Targets from prev attack(18): www.ferrexpo.ua, aesgroup.com.ua, photopribor.ck.ua, buckfastleigh.gov.uk, www.malyshevplant.com, www.ukrniat.com, oneonline.bradford.gov.uk, www.morozov.com.ua, octavacapital.ua, www.keighley.gov.uk, www.blackburn.gov.uk, erc.ua, spetstechnoexport.com, www.harwichtowncouncil.co.uk, www.theaccessbankukltd.co.uk, www.bristolonecity.com, zmturbines.com, britten-norman.com
Dismissed Targets(10): politics.leics.gov.uk, www.bury.gov.uk, www.trafford.gov.uk, www.salford.gov.uk, www.cbi.org.uk, www.southamptonvts.co.uk, www.tameside.gov.uk, pa.eastcambs.gov.uk, youraccount.salford.gov.uk, www.heathrowexpress.com

Detected attack on 2026-04-06_12-05-49

codabar@42de.it (Alfredo Terrone) — Mon, 06 Apr 2026 12:05:49 +0000

The attacks attributed to noname057 have primarily targeted websites in the United Kingdom and Ukraine. Key UK sites include various local government councils and organizations, such as Trafford Council, Bury Council, and Heathrow Express. In Ukraine, the targets include companies like Ferrexpo and state entities like Ukrniat. This indicates a focus on both governmental and industrial sectors in these countries.^{AI generated}
28 targets are under attack, 10 new targets and 18 targets from previous attack
New Targets(10): spetstechnoexport.com, photopribor.ck.ua, www.malyshevplant.com, erc.ua, www.morozov.com.ua, www.ferrexpo.ua, www.ukrniat.com, zmturbines.com, aesgroup.com.ua, octavacapital.ua
Targets from prev attack(18): www.cbi.org.uk, www.trafford.gov.uk, www.heathrowexpress.com, www.tameside.gov.uk, www.keighley.gov.uk, www.salford.gov.uk, www.harwichtowncouncil.co.uk, www.bury.gov.uk, britten-norman.com, www.bristolonecity.com, politics.leics.gov.uk, youraccount.salford.gov.uk, buckfastleigh.gov.uk, pa.eastcambs.gov.uk, www.blackburn.gov.uk, www.theaccessbankukltd.co.uk, oneonline.bradford.gov.uk, www.southamptonvts.co.uk
Dismissed Targets(0):

Detected attack on 2026-04-06_08-10-07

codabar@42de.it (Alfredo Terrone) — Mon, 06 Apr 2026 08:10:07 +0000

The attacks by noname057 primarily targeted websites in the United Kingdom, affecting various local government and organizational sites. Key locations under attack include Salford, Southampton, Blackburn, and several others across England, indicating a concentrated effort against UK-based entities.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): youraccount.salford.gov.uk, www.cbi.org.uk, www.salford.gov.uk, britten-norman.com, www.heathrowexpress.com, pa.eastcambs.gov.uk, buckfastleigh.gov.uk, www.keighley.gov.uk, www.bury.gov.uk, www.harwichtowncouncil.co.uk, www.trafford.gov.uk, www.tameside.gov.uk, oneonline.bradford.gov.uk, politics.leics.gov.uk, www.bristolonecity.com, www.southamptonvts.co.uk, www.theaccessbankukltd.co.uk, www.blackburn.gov.uk
Targets from prev attack(0):
Dismissed Targets(12): norskelkraft.dk, elpriser.dk, kron-el.dk, uggerly.dk, www.raaby-rosendal.dk, danskenergi.dk, kj-el.dk, www.boliginstallatoren.dk, netseidbroker.mitid.dk, bce.au.dk, elselskaber.dk, brabrandel.dk

Detected attack on 2026-04-05_08-10-08

codabar@42de.it (Alfredo Terrone) — Sun, 05 Apr 2026 08:10:08 +0000

Noname057(16) has targeted several websites primarily from Denmark, indicating a focus on Danish energy and utility sectors. The attacked sites include uggerly.dk, elpriser.dk, danskenergi.dk, norskelkraft.dk, kj-el.dk, elselskaber.dk, raaby-rosendal.dk, bce.au.dk, boliginstallatoren.dk, netseidbroker.mitid.dk, brabrandel.dk, and kron-el.dk. This suggests an interest in disrupting services related to electricity pricing and management in Denmark.^{AI generated}
12 targets are under attack, 12 new targets and 0 targets from previous attack
New Targets(12): uggerly.dk, elpriser.dk, danskenergi.dk, norskelkraft.dk, kj-el.dk, elselskaber.dk, www.raaby-rosendal.dk, bce.au.dk, www.boliginstallatoren.dk, netseidbroker.mitid.dk, brabrandel.dk, kron-el.dk
Targets from prev attack(0):
Dismissed Targets(15): kfst.dk, handelsretten.dk, esbjergairport.dk, www.nrg.dk, hvidvask.dk, byret.dk, netbutik.postnord.dk, holbaek.dk, udbudsmedia.dk, konstant.dk, ringsted.dk, dinoffentligetransport.dk, eltilmelding.dk, rigsadvokaten.dk, www.borger.dk

Detected attack on 2026-04-04_08-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 04 Apr 2026 08:10:08 +0000

Noname057(16) has targeted several websites primarily in Denmark. The attacked sites include various governmental and public service platforms, such as nrg.dk, udbudsmedia.dk, kfst.dk, and dinoffentligetransport.dk. Other notable targets are local municipalities like holbaek.dk and ringsted.dk, as well as transportation and legal services, including esbjergairport.dk and handelsretten.dk. The attacks highlight a focus on Danish infrastructure and public services.^{AI generated}
15 targets are under attack, 15 new targets and 0 targets from previous attack
New Targets(15): www.nrg.dk, udbudsmedia.dk, kfst.dk, dinoffentligetransport.dk, hvidvask.dk, holbaek.dk, esbjergairport.dk, netbutik.postnord.dk, ringsted.dk, handelsretten.dk, byret.dk, rigsadvokaten.dk, eltilmelding.dk, www.borger.dk, konstant.dk
Targets from prev attack(0):
Dismissed Targets(33): www.nationalbanken.dk, www.home.saxo, kruk.company, danskebank.dk, rep.jyskebank.dk, www.hovmandenergi.dk, www.pult-ohrana.kiev.ua, www.vestas.com, rossenergy.dk, klimadan.dk, www.carlc.dk, ufpb.kiev.ua, bezpeka.ua, bezpeka-ltd.com, www.ramboll.com, ohorona-bezpeka.com, oib.com.ua, tor-safety.com, mobile-services.jyskebank.dk, apmoller.com, www.jyskebank.dk, bezpeka-zahyst.com.ua, eng.geus.dk, plus.jyskebank.dk, geoop.dk, www.spks.dk, ohorona-kyiv.com, www.nykredit.com, nykjaerservice.dk, svar.jyskebank.dk, phoenix-s.com.ua, greentherma.com, ab.com.ua

Detected attack on 2026-04-03_21-55-13

codabar@42de.it (Alfredo Terrone) — Fri, 03 Apr 2026 21:55:13 +0000

The attacks attributed to noname057(16) primarily targeted websites in Ukraine and Denmark. Key sectors affected include banking, security services, and energy. Notable companies under attack include Jyske Bank and Danske Bank from Denmark, as well as various Ukrainian security and energy firms. The campaign highlights a significant focus on critical infrastructure and financial institutions in these countries.^{AI generated}
33 targets are under attack, 1 new targets and 32 targets from previous attack
New Targets(1): www.spks.dk
Targets from prev attack(32): bezpeka-zahyst.com.ua, www.nykredit.com, www.carlc.dk, www.jyskebank.dk, plus.jyskebank.dk, svar.jyskebank.dk, bezpeka.ua, ohorona-kyiv.com, www.pult-ohrana.kiev.ua, danskebank.dk, phoenix-s.com.ua, greentherma.com, bezpeka-ltd.com, www.nationalbanken.dk, www.vestas.com, ufpb.kiev.ua, www.home.saxo, klimadan.dk, nykjaerservice.dk, ab.com.ua, www.ramboll.com, apmoller.com, tor-safety.com, rossenergy.dk, kruk.company, eng.geus.dk, ohorona-bezpeka.com, geoop.dk, mobile-services.jyskebank.dk, oib.com.ua, www.hovmandenergi.dk, rep.jyskebank.dk
Dismissed Targets(0):

Detected attack on 2026-04-03_21-50-12

codabar@42de.it (Alfredo Terrone) — Fri, 03 Apr 2026 21:50:12 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark and Ukraine. Key sectors affected include finance, energy, and security services. Notable Danish entities such as Jyske Bank, Danske Bank, and Vestas were among the victims, along with various Ukrainian security and service companies. The attacks highlight a significant threat landscape in both countries, emphasizing the need for enhanced cybersecurity measures.^{AI generated}
32 targets are under attack, 0 new targets and 32 targets from previous attack
New Targets(0):
Targets from prev attack(32): eng.geus.dk, ohorona-kyiv.com, geoop.dk, www.home.saxo, mobile-services.jyskebank.dk, kruk.company, klimadan.dk, www.hovmandenergi.dk, rossenergy.dk, www.vestas.com, www.pult-ohrana.kiev.ua, oib.com.ua, ohorona-bezpeka.com, www.nykredit.com, tor-safety.com, bezpeka.ua, www.nationalbanken.dk, www.jyskebank.dk, danskebank.dk, bezpeka-zahyst.com.ua, nykjaerservice.dk, www.carlc.dk, ab.com.ua, bezpeka-ltd.com, greentherma.com, apmoller.com, phoenix-s.com.ua, www.ramboll.com, plus.jyskebank.dk, svar.jyskebank.dk, rep.jyskebank.dk, ufpb.kiev.ua
Dismissed Targets(1): www.spks.dk

Detected attack on 2026-04-03_12-05-10

codabar@42de.it (Alfredo Terrone) — Fri, 03 Apr 2026 12:05:10 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Notable Danish sites include financial institutions such as Jyske Bank and Danske Bank, as well as various service providers like Vestas and Ramboll. Ukrainian targets include security and safety companies, highlighting a focus on critical infrastructure and financial services in both countries.^{AI generated}
33 targets are under attack, 12 new targets and 21 targets from previous attack
New Targets(12): bezpeka-ltd.com, ab.com.ua, phoenix-s.com.ua, tor-safety.com, www.pult-ohrana.kiev.ua, oib.com.ua, ufpb.kiev.ua, ohorona-bezpeka.com, bezpeka-zahyst.com.ua, bezpeka.ua, kruk.company, ohorona-kyiv.com
Targets from prev attack(21): www.hovmandenergi.dk, nykjaerservice.dk, rep.jyskebank.dk, klimadan.dk, www.nationalbanken.dk, greentherma.com, eng.geus.dk, www.ramboll.com, www.home.saxo, www.vestas.com, svar.jyskebank.dk, danskebank.dk, mobile-services.jyskebank.dk, www.spks.dk, www.carlc.dk, www.nykredit.com, apmoller.com, plus.jyskebank.dk, geoop.dk, www.jyskebank.dk, rossenergy.dk
Dismissed Targets(0):

Detected attack on 2026-04-03_09-05-16

codabar@42de.it (Alfredo Terrone) — Fri, 03 Apr 2026 09:05:16 +0000

The attacks by noname057 primarily targeted websites in Denmark, affecting various sectors including energy, finance, and consulting. Key organizations such as Vestas, Danske Bank, and Jyske Bank were among those impacted, highlighting a concentrated effort against Danish enterprises.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): eng.geus.dk, klimadan.dk, www.vestas.com, www.nationalbanken.dk, www.carlc.dk, www.jyskebank.dk, www.ramboll.com, apmoller.com, www.home.saxo, plus.jyskebank.dk, www.spks.dk, svar.jyskebank.dk, greentherma.com, www.hovmandenergi.dk, www.nykredit.com, mobile-services.jyskebank.dk, geoop.dk, rossenergy.dk, nykjaerservice.dk, danskebank.dk, rep.jyskebank.dk
Dismissed Targets(1): azocm.postavschiki.ua

Detected attack on 2026-04-03_08-10-12

codabar@42de.it (Alfredo Terrone) — Fri, 03 Apr 2026 08:10:12 +0000

The recent attacks attributed to the group noname057 primarily targeted websites in Denmark, with several significant companies and institutions affected. Key sectors impacted include banking, energy, and environmental services. Notable organizations under attack include Jyske Bank, Vestas, and the Danish National Bank, highlighting a concentrated effort against critical infrastructure and financial services in Denmark. Additionally, there was an attack on a Ukrainian site, indicating a broader geographical scope.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): mobile-services.jyskebank.dk, www.vestas.com, eng.geus.dk, www.ramboll.com, www.nationalbanken.dk, geoop.dk, klimadan.dk, danskebank.dk, rep.jyskebank.dk, apmoller.com, greentherma.com, www.nykredit.com, rossenergy.dk, plus.jyskebank.dk, www.carlc.dk, www.spks.dk, www.jyskebank.dk, www.home.saxo, www.hovmandenergi.dk, azocm.postavschiki.ua, svar.jyskebank.dk, nykjaerservice.dk
Dismissed Targets(11): deltag.aarhus.dk, www.teknologisk.dk, elselskaber.dk, danskfjernvarme.dk, www.boliginstallatoren.dk, www.raaby-rosendal.dk, elpriser.dk, vs-automatic.dk, energielektrikeren.dk, henning-mortensen.dk, bce.au.dk

Detected attack on 2026-04-03_08-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 03 Apr 2026 08:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark. Key sectors affected include banking, energy, and technology, with notable organizations such as Jyske Bank, Vestas, and Danske Bank among the victims. The focus on Danish entities highlights a concentrated effort to disrupt services and potentially steal sensitive information within the country.^{AI generated}
33 targets are under attack, 21 new targets and 12 targets from previous attack
New Targets(21): mobile-services.jyskebank.dk, www.vestas.com, eng.geus.dk, www.ramboll.com, www.nationalbanken.dk, klimadan.dk, geoop.dk, danskebank.dk, rep.jyskebank.dk, apmoller.com, greentherma.com, www.nykredit.com, rossenergy.dk, plus.jyskebank.dk, www.carlc.dk, www.spks.dk, www.jyskebank.dk, www.home.saxo, www.hovmandenergi.dk, svar.jyskebank.dk, nykjaerservice.dk
Targets from prev attack(12): deltag.aarhus.dk, www.teknologisk.dk, elselskaber.dk, danskfjernvarme.dk, www.boliginstallatoren.dk, azocm.postavschiki.ua, www.raaby-rosendal.dk, elpriser.dk, vs-automatic.dk, energielektrikeren.dk, henning-mortensen.dk, bce.au.dk
Dismissed Targets(14): john-drejer.dk, brabrandel.dk, octavacapital.ua, roboneers.net, lansys.com.ua, mundelstrup-el.dk, kj-el.dk, pl-el.dk, rafn-el.dk, uggerly.dk, www.ukrniat.com, yuzhmash.com, kron-el.dk, www.kredslob.dk

Detected attack on 2026-04-02_12-05-09

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 12:05:09 +0000

Noname057(16) has targeted websites primarily in Denmark and Ukraine. The attacks include various sectors such as energy, technology, and local services. Key countries under attack are Denmark, with numerous Danish websites affected, and Ukraine, which has seen significant targeting of its online presence.^{AI generated}
26 targets are under attack, 1 new targets and 25 targets from previous attack
New Targets(1): azocm.postavschiki.ua
Targets from prev attack(25): www.ukrniat.com, energielektrikeren.dk, john-drejer.dk, pl-el.dk, www.boliginstallatoren.dk, kj-el.dk, henning-mortensen.dk, octavacapital.ua, elselskaber.dk, vs-automatic.dk, mundelstrup-el.dk, elpriser.dk, roboneers.net, uggerly.dk, www.kredslob.dk, bce.au.dk, deltag.aarhus.dk, rafn-el.dk, www.teknologisk.dk, yuzhmash.com, www.raaby-rosendal.dk, danskfjernvarme.dk, kron-el.dk, lansys.com.ua, brabrandel.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_11-05-14

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 11:05:14 +0000

Noname057(16) has targeted various websites primarily from Denmark and Ukraine. The attacks include Danish sites such as deltag.aarhus.dk, vs-automatic.dk, and energielektrikeren.dk, alongside Ukrainian sites like yuzhmash.com and octavacapital.ua. The campaign reflects a focus on critical infrastructure and technology sectors in these countries.^{AI generated}
25 targets are under attack, 5 new targets and 20 targets from previous attack
New Targets(5): www.ukrniat.com, roboneers.net, yuzhmash.com, lansys.com.ua, octavacapital.ua
Targets from prev attack(20): deltag.aarhus.dk, vs-automatic.dk, kj-el.dk, john-drejer.dk, danskfjernvarme.dk, elpriser.dk, bce.au.dk, energielektrikeren.dk, henning-mortensen.dk, www.boliginstallatoren.dk, pl-el.dk, elselskaber.dk, www.teknologisk.dk, kron-el.dk, www.kredslob.dk, uggerly.dk, rafn-el.dk, mundelstrup-el.dk, brabrandel.dk, www.raaby-rosendal.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-45-23

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:45:23 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark. The affected sites include various local businesses and organizations related to electrical services, energy, and technology. Key domains such as pl-el.dk, rafn-el.dk, and elpriser.dk highlight the focus on the energy sector within the country.^{AI generated}
20 targets are under attack, 1 new targets and 19 targets from previous attack
New Targets(1): bce.au.dk
Targets from prev attack(19): pl-el.dk, rafn-el.dk, john-drejer.dk, kron-el.dk, www.boliginstallatoren.dk, henning-mortensen.dk, www.kredslob.dk, www.raaby-rosendal.dk, brabrandel.dk, kj-el.dk, energielektrikeren.dk, mundelstrup-el.dk, vs-automatic.dk, elselskaber.dk, danskfjernvarme.dk, uggerly.dk, elpriser.dk, deltag.aarhus.dk, www.teknologisk.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-35-09

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:35:09 +0000

The attacks by noname057 primarily targeted Denmark, with various websites related to energy, electricity, and local services being compromised. Key sites include elpriser.dk, which provides electricity prices, and several local service providers like rafn-el.dk and mundelstrup-el.dk. The focus on these domains indicates a specific interest in the energy sector within Denmark.^{AI generated}
19 targets are under attack, 2 new targets and 17 targets from previous attack
New Targets(2): www.teknologisk.dk, deltag.aarhus.dk
Targets from prev attack(17): www.boliginstallatoren.dk, uggerly.dk, danskfjernvarme.dk, kj-el.dk, rafn-el.dk, john-drejer.dk, elselskaber.dk, henning-mortensen.dk, mundelstrup-el.dk, brabrandel.dk, energielektrikeren.dk, kron-el.dk, www.kredslob.dk, www.raaby-rosendal.dk, elpriser.dk, vs-automatic.dk, pl-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-30-09

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:30:09 +0000

The sites attacked by noname057(16) primarily belong to Denmark, focusing on various sectors such as energy, electricity, and local services. The targeted domains include those related to electrical companies, heating services, and home installations, indicating a concentrated effort against Denmark's infrastructure and service providers.^{AI generated}
17 targets are under attack, 2 new targets and 15 targets from previous attack
New Targets(2): elselskaber.dk, elpriser.dk
Targets from prev attack(15): pl-el.dk, danskfjernvarme.dk, uggerly.dk, henning-mortensen.dk, vs-automatic.dk, www.kredslob.dk, brabrandel.dk, energielektrikeren.dk, www.boliginstallatoren.dk, kj-el.dk, rafn-el.dk, john-drejer.dk, www.raaby-rosendal.dk, mundelstrup-el.dk, kron-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-25-10

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:25:10 +0000

Noname057(16) has targeted several websites primarily from Denmark. The attacked sites include mundelstrup-el.dk, pl-el.dk, danskfjernvarme.dk, henning-mortensen.dk, vs-automatic.dk, www.kredslob.dk, brabrandel.dk, energielektrikeren.dk, www.boliginstallatoren.dk, kj-el.dk, rafn-el.dk, john-drejer.dk, www.raaby-rosendal.dk, uggerly.dk, and kron-el.dk. This indicates a focus on Danish entities, particularly in the energy and electrical sectors.^{AI generated}
15 targets are under attack, 2 new targets and 13 targets from previous attack
New Targets(2): danskfjernvarme.dk, www.raaby-rosendal.dk
Targets from prev attack(13): mundelstrup-el.dk, pl-el.dk, henning-mortensen.dk, vs-automatic.dk, www.kredslob.dk, brabrandel.dk, kj-el.dk, rafn-el.dk, www.boliginstallatoren.dk, energielektrikeren.dk, john-drejer.dk, uggerly.dk, kron-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-20-09

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:20:09 +0000

The attacks attributed to noname057 primarily target Denmark-based websites. The affected sites include various electrical and energy-related businesses, indicating a focus on the energy sector within the country.^{AI generated}
13 targets are under attack, 2 new targets and 11 targets from previous attack
New Targets(2): energielektrikeren.dk, vs-automatic.dk
Targets from prev attack(11): www.kredslob.dk, mundelstrup-el.dk, uggerly.dk, brabrandel.dk, john-drejer.dk, www.boliginstallatoren.dk, kj-el.dk, rafn-el.dk, henning-mortensen.dk, pl-el.dk, kron-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-15-09

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:15:09 +0000

Noname057(16) has targeted several websites primarily from Denmark. The affected sites include various local businesses and services, indicating a focus on Danish entities.^{AI generated}
11 targets are under attack, 1 new targets and 10 targets from previous attack
New Targets(1): www.boliginstallatoren.dk
Targets from prev attack(10): www.kredslob.dk, mundelstrup-el.dk, uggerly.dk, brabrandel.dk, john-drejer.dk, rafn-el.dk, kj-el.dk, henning-mortensen.dk, pl-el.dk, kron-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-10-07

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:10:07 +0000

Noname057(16) has targeted several websites primarily from Denmark. The attacked sites include various local businesses and services, indicating a focus on Danish entities. The attacks suggest an interest in disrupting operations within the Danish digital landscape.^{AI generated}
10 targets are under attack, 1 new targets and 9 targets from previous attack
New Targets(1): henning-mortensen.dk
Targets from prev attack(9): pl-el.dk, www.kredslob.dk, kron-el.dk, mundelstrup-el.dk, uggerly.dk, kj-el.dk, john-drejer.dk, brabrandel.dk, rafn-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:05:08 +0000

Noname057(16) has targeted several websites primarily located in Denmark. The attacked sites include pl-el.dk, kredslob.dk, kron-el.dk, kj-el.dk, mundelstrup-el.dk, uggerly.dk, rafn-el.dk, john-drejer.dk, and brabrandel.dk. These attacks indicate a focus on Danish entities, particularly in the energy and local services sectors.^{AI generated}
9 targets are under attack, 2 new targets and 7 targets from previous attack
New Targets(2): kj-el.dk, john-drejer.dk
Targets from prev attack(7): pl-el.dk, www.kredslob.dk, kron-el.dk, mundelstrup-el.dk, uggerly.dk, rafn-el.dk, brabrandel.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_09-00-09

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 09:00:09 +0000

Noname057(16) has targeted several websites primarily in Denmark. The attacked sites include mundelstrup-el.dk, www.kredslob.dk, pl-el.dk, rafn-el.dk, kron-el.dk, uggerly.dk, and brabrandel.dk, indicating a concentrated effort against Danish entities.^{AI generated}
7 targets are under attack, 1 new targets and 6 targets from previous attack
New Targets(1): mundelstrup-el.dk
Targets from prev attack(6): www.kredslob.dk, pl-el.dk, rafn-el.dk, kron-el.dk, uggerly.dk, brabrandel.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_08-55-08

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 08:55:08 +0000

Noname057(16) has targeted several websites primarily located in Denmark. The attacked sites include kredslob.dk, pl-el.dk, rafn-el.dk, kron-el.dk, uggerly.dk, and brabrandel.dk, indicating a focus on Danish entities.^{AI generated}
6 targets are under attack, 1 new targets and 5 targets from previous attack
New Targets(1): kron-el.dk
Targets from prev attack(5): www.kredslob.dk, pl-el.dk, rafn-el.dk, uggerly.dk, brabrandel.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_08-15-19

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 08:15:19 +0000

Noname057(16) has targeted several websites primarily located in Denmark. The attacked sites include brabrandel.dk, kredslob.dk, uggerly.dk, rafn-el.dk, and pl-el.dk, indicating a focus on Danish entities.^{AI generated}
5 targets are under attack, 1 new targets and 4 targets from previous attack
New Targets(1): uggerly.dk
Targets from prev attack(4): pl-el.dk, rafn-el.dk, www.kredslob.dk, brabrandel.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_08-10-07

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 08:10:07 +0000

Noname057(16) has targeted several websites primarily located in Denmark. The attacked sites include kredslob.dk, brabrandel.dk, pl-el.dk, and rafn-el.dk, indicating a focused campaign against Danish entities.^{AI generated}
4 targets are under attack, 2 new targets and 2 targets from previous attack
New Targets(2): brabrandel.dk, rafn-el.dk
Targets from prev attack(2): www.kredslob.dk, pl-el.dk
Dismissed Targets(0):

Detected attack on 2026-04-02_08-05-07

codabar@42de.it (Alfredo Terrone) — Thu, 02 Apr 2026 08:05:07 +0000

Noname057(16) has targeted websites primarily in Denmark, including www.kredslob.dk and pl-el.dk. These attacks indicate a focus on Danish entities, highlighting potential vulnerabilities within the region's digital infrastructure.^{AI generated}
2 targets are under attack, 2 new targets and 0 targets from previous attack
New Targets(2): www.kredslob.dk, pl-el.dk
Targets from prev attack(0):
Dismissed Targets(31): netseidbroker.mitid.dk, my.o3.ua, www.lanet.ua, kniazha.ua, eltilmelding.dk, x-city.ua, best.net.ua, konstant.dk, aura.dk, l4.ua, www.kvorum.com.ua, home.l4.ua, account.norlys.dk, api.yedna.com.ua, www.elnetmidt.dk, biomass.dk, velkommen.dk, norskelkraft.dk, identity.norlys.dk, stromtid.dk, forskel.dk, www.shtorm.net, danskenergi.dk, www.kd-life.com.ua, ens.dk, mit-login.norlys.dk, norlys.dk, megaprostir.net, www.aalborgcsp.com, o3.ua, www.ewii.dk

Detected attack on 2026-04-01_12-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 01 Apr 2026 12:05:09 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and Denmark. Key Ukrainian sites include lanet.ua, kvorum.com.ua, o3.ua, and several others, indicating a focus on Ukrainian infrastructure and services. In Denmark, multiple sites such as konstant.dk, eltilmelding.dk, and norlys.dk are affected, suggesting a concentrated effort on Danish energy and identity management platforms.^{AI generated}
31 targets are under attack, 12 new targets and 19 targets from previous attack
New Targets(12): www.lanet.ua, www.shtorm.net, www.kvorum.com.ua, www.kd-life.com.ua, my.o3.ua, o3.ua, x-city.ua, home.l4.ua, kniazha.ua, l4.ua, megaprostir.net, best.net.ua
Targets from prev attack(19): konstant.dk, netseidbroker.mitid.dk, eltilmelding.dk, biomass.dk, norskelkraft.dk, ens.dk, www.aalborgcsp.com, www.elnetmidt.dk, api.yedna.com.ua, forskel.dk, velkommen.dk, norlys.dk, danskenergi.dk, identity.norlys.dk, stromtid.dk, mit-login.norlys.dk, aura.dk, account.norlys.dk, www.ewii.dk
Dismissed Targets(0):

Detected attack on 2026-04-01_08-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 01 Apr 2026 08:05:09 +0000

The attacks by noname057 primarily targeted websites in Denmark, including major energy and utility companies such as Norlys, Dansk Energi, and EWII. Other affected sites include energy-related services and platforms, indicating a focus on the energy sector within the country. Additionally, there was one targeted site from Ukraine, suggesting a broader interest in regional energy infrastructure.^{AI generated}
19 targets are under attack, 18 new targets and 1 targets from previous attack
New Targets(18): mit-login.norlys.dk, norlys.dk, netseidbroker.mitid.dk, velkommen.dk, identity.norlys.dk, ens.dk, biomass.dk, norskelkraft.dk, konstant.dk, www.aalborgcsp.com, eltilmelding.dk, danskenergi.dk, forskel.dk, www.elnetmidt.dk, stromtid.dk, account.norlys.dk, www.ewii.dk, aura.dk
Targets from prev attack(1): api.yedna.com.ua
Dismissed Targets(26): komfinbank.rada.gov.ua, copenhagensuborbitals.com, kompravpol.rada.gov.ua, komsamovr.rada.gov.ua, www.nrg.dk, kompek.rada.gov.ua, komnbor.rada.gov.ua, www.metroselskabet.dk, komtrans.rada.gov.ua, ringsted.dk, bus.gl, www.rn.dk, e-commerce.airgreenland.com, byret.dk, soroe.dk, holbaek.dk, hvidvask.dk, netbutik.postnord.dk, www.borger.dk, handelsretten.dk, www.scangl.dk, kompravlud.rada.gov.ua, sdkgroup.com, komzakonpr.rada.gov.ua, www.dst.dk, rigsadvokaten.dk

Detected attack on 2026-04-01_00-35-10

codabar@42de.it (Alfredo Terrone) — Wed, 01 Apr 2026 00:35:10 +0000

The attacks attributed to noname057(16) primarily target websites in Denmark and Ukraine. Notable Danish sites include hvidvask.dk, metroselskabet.dk, and several others related to public services and commerce. In Ukraine, the attacks focus on governmental and financial institutions, with sites like kompek.rada.gov.ua and kompravpol.rada.gov.ua being prominent targets.^{AI generated}
27 targets are under attack, 1 new targets and 26 targets from previous attack
New Targets(1): api.yedna.com.ua
Targets from prev attack(26): hvidvask.dk, www.metroselskabet.dk, kompek.rada.gov.ua, kompravpol.rada.gov.ua, www.rn.dk, soroe.dk, e-commerce.airgreenland.com, www.dst.dk, netbutik.postnord.dk, rigsadvokaten.dk, sdkgroup.com, holbaek.dk, komtrans.rada.gov.ua, www.nrg.dk, komzakonpr.rada.gov.ua, kompravlud.rada.gov.ua, ringsted.dk, komfinbank.rada.gov.ua, copenhagensuborbitals.com, www.borger.dk, handelsretten.dk, www.scangl.dk, byret.dk, bus.gl, komnbor.rada.gov.ua, komsamovr.rada.gov.ua
Dismissed Targets(0):

Detected attack on 2026-03-31_11-30-09

codabar@42de.it (Alfredo Terrone) — Tue, 31 Mar 2026 11:30:09 +0000

The recent attacks attributed to noname057(16) primarily target websites in Denmark and Ukraine. Key Danish sites include government and local services such as byret.dk, nrg.dk, and borger.dk. Ukrainian sites targeted include various governmental and banking institutions like kompek.rada.gov.ua and komfinbank.rada.gov.ua. The attacks highlight a focus on critical infrastructure and public services in these countries.^{AI generated}
26 targets are under attack, 1 new targets and 25 targets from previous attack
New Targets(1): komzakonpr.rada.gov.ua
Targets from prev attack(25): sdkgroup.com, byret.dk, www.nrg.dk, www.rn.dk, rigsadvokaten.dk, kompek.rada.gov.ua, holbaek.dk, komfinbank.rada.gov.ua, komsamovr.rada.gov.ua, www.metroselskabet.dk, www.borger.dk, netbutik.postnord.dk, komnbor.rada.gov.ua, soroe.dk, e-commerce.airgreenland.com, www.dst.dk, www.scangl.dk, bus.gl, ringsted.dk, kompravlud.rada.gov.ua, copenhagensuborbitals.com, komtrans.rada.gov.ua, hvidvask.dk, kompravpol.rada.gov.ua, handelsretten.dk
Dismissed Targets(0):

Detected attack on 2026-03-31_11-25-09

codabar@42de.it (Alfredo Terrone) — Tue, 31 Mar 2026 11:25:09 +0000

Noname057(16) has targeted a variety of websites primarily in Denmark and Ukraine. The attacks include sites such as sdkgroup.com, byret.dk, and various Danish government and local authority websites like nrg.dk, rn.dk, and holbaek.dk. Additionally, Ukrainian sites such as kompek.rada.gov.ua and komfinbank.rada.gov.ua have also been affected. This indicates a focus on both Danish and Ukrainian entities, suggesting a strategic interest in these countries.^{AI generated}
25 targets are under attack, 7 new targets and 18 targets from previous attack
New Targets(7): komtrans.rada.gov.ua, komsamovr.rada.gov.ua, komnbor.rada.gov.ua, kompravpol.rada.gov.ua, kompek.rada.gov.ua, komfinbank.rada.gov.ua, kompravlud.rada.gov.ua
Targets from prev attack(18): handelsretten.dk, sdkgroup.com, hvidvask.dk, soroe.dk, byret.dk, www.rn.dk, www.nrg.dk, rigsadvokaten.dk, www.metroselskabet.dk, e-commerce.airgreenland.com, www.dst.dk, netbutik.postnord.dk, bus.gl, ringsted.dk, www.scangl.dk, holbaek.dk, www.borger.dk, copenhagensuborbitals.com
Dismissed Targets(0):

Detected attack on 2026-03-31_08-05-20

codabar@42de.it (Alfredo Terrone) — Tue, 31 Mar 2026 08:05:20 +0000

The attacks attributed to noname057(16) primarily target websites from Denmark. Key sectors affected include government services, legal services, e-commerce, and public transportation. Notable sites under attack include holbaek.dk, rigsadvokaten.dk, and borger.dk, among others. The incidents highlight a concentrated threat landscape within Denmark's digital infrastructure.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): holbaek.dk, rigsadvokaten.dk, www.borger.dk, www.nrg.dk, www.scangl.dk, www.dst.dk, copenhagensuborbitals.com, bus.gl, hvidvask.dk, soroe.dk, byret.dk, ringsted.dk, sdkgroup.com, www.metroselskabet.dk, e-commerce.airgreenland.com, netbutik.postnord.dk, handelsretten.dk, www.rn.dk
Targets from prev attack(0):
Dismissed Targets(23): www.elnetmidt.dk, skat.dk, kfst.dk, hca-airport.dk, udbudsmedia.dk, skm.dk, www.rejsekort.dk, www.bornholms-lufthavn.dk, udbud.dk, forsyningstilsynet.dk, adst.dk, www.aar.dk, dinoffentligetransport.dk, www.aal.dk, avannaata.gl, stromtid.dk, eltb2cprod.b2clogin.com, www.dsb.dk, esbjergairport.dk, velkommen.dk, www.hofor.dk, eltilmelding.dk, sktst.dk

Detected attack on 2026-03-30_12-05-08

codabar@42de.it (Alfredo Terrone) — Mon, 30 Mar 2026 12:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark. Key sectors affected include public transportation, airport services, and government agencies. Notable sites include rejsekort.dk, hca-airport.dk, and skat.dk, indicating a focus on critical infrastructure and public services.^{AI generated}
23 targets are under attack, 1 new targets and 22 targets from previous attack
New Targets(1): avannaata.gl
Targets from prev attack(22): www.rejsekort.dk, adst.dk, udbudsmedia.dk, www.elnetmidt.dk, dinoffentligetransport.dk, hca-airport.dk, kfst.dk, skm.dk, eltb2cprod.b2clogin.com, esbjergairport.dk, www.hofor.dk, skat.dk, forsyningstilsynet.dk, www.aal.dk, www.bornholms-lufthavn.dk, velkommen.dk, sktst.dk, www.aar.dk, stromtid.dk, udbud.dk, www.dsb.dk, eltilmelding.dk
Dismissed Targets(0):

Detected attack on 2026-03-30_08-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 30 Mar 2026 08:10:08 +0000

The attacks attributed to noname057 primarily target Denmark, with a focus on various governmental and transportation-related websites. Key sites include udbudsmedia.dk, eltilmelding.dk, and rejsekort.dk, among others. The attacks highlight vulnerabilities in public services and infrastructure, affecting both citizens and travelers within the country.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): udbudsmedia.dk, eltilmelding.dk, velkommen.dk, www.rejsekort.dk, www.aal.dk, hca-airport.dk, stromtid.dk, udbud.dk, eltb2cprod.b2clogin.com, esbjergairport.dk, dinoffentligetransport.dk, www.dsb.dk, skm.dk, www.hofor.dk, www.bornholms-lufthavn.dk, www.aar.dk, adst.dk, skat.dk, forsyningstilsynet.dk, sktst.dk, www.elnetmidt.dk, kfst.dk
Dismissed Targets(5): www.zeanet.dk, konstant.dk, energy.zapp.dk, flow-elnet.dk, www.installationsblanket.dk

Detected attack on 2026-03-30_08-05-09

codabar@42de.it (Alfredo Terrone) — Mon, 30 Mar 2026 08:05:09 +0000

The attacks attributed to noname057 primarily targeted Denmark, affecting various websites including government services, transportation, and energy sectors. Key sites under attack include udbudsmedia.dk, eltilmelding.dk, and rejsekort.dk, among others, indicating a focus on critical infrastructure and public services in the country.^{AI generated}
27 targets are under attack, 22 new targets and 5 targets from previous attack
New Targets(22): udbudsmedia.dk, eltilmelding.dk, velkommen.dk, www.rejsekort.dk, www.aal.dk, hca-airport.dk, stromtid.dk, udbud.dk, eltb2cprod.b2clogin.com, esbjergairport.dk, dinoffentligetransport.dk, www.dsb.dk, skm.dk, www.hofor.dk, www.bornholms-lufthavn.dk, www.aar.dk, adst.dk, skat.dk, forsyningstilsynet.dk, sktst.dk, www.elnetmidt.dk, kfst.dk
Targets from prev attack(5): www.zeanet.dk, konstant.dk, energy.zapp.dk, flow-elnet.dk, www.installationsblanket.dk
Dismissed Targets(15): solrod.dk, isg.gl, www.sullissivik.gl, govmin.gl, selvbetjening.sef.dk, sef.dk, herlev.dk, ritzau.com, eltjek24.dk, eastgreenland.com, holbaek.dk, naalakkersuisut.gl, kujalleq.gl, qeqqata.gl, qeqertalik.gl

Detected attack on 2026-03-29_12-05-08

codabar@42de.it (Alfredo Terrone) — Sun, 29 Mar 2026 12:05:08 +0000

Noname057(16) has targeted various websites primarily in Denmark and Greenland. The attacks include Danish sites such as eltjek24.dk, ritzau.com, and sef.dk, as well as several Greenlandic sites like Naalakkersuisut.gl, isg.gl, and govmin.gl. The focus appears to be on government and local services, indicating a strategic interest in these regions.^{AI generated}
20 targets are under attack, 1 new targets and 19 targets from previous attack
New Targets(1): naalakkersuisut.gl
Targets from prev attack(19): eltjek24.dk, www.sullissivik.gl, ritzau.com, www.installationsblanket.dk, sef.dk, isg.gl, herlev.dk, holbaek.dk, eastgreenland.com, www.zeanet.dk, qeqertalik.gl, solrod.dk, govmin.gl, konstant.dk, kujalleq.gl, selvbetjening.sef.dk, qeqqata.gl, flow-elnet.dk, energy.zapp.dk
Dismissed Targets(0):

Detected attack on 2026-03-29_08-05-09

codabar@42de.it (Alfredo Terrone) — Sun, 29 Mar 2026 08:05:09 +0000

The attacks attributed to noname057 primarily target websites in Greenland and Denmark. Key sites affected include governmental and local municipality websites, as well as energy and service providers. Notable countries under attack are Greenland, with multiple domains ending in .gl, and Denmark, represented by various .dk domains.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.sullissivik.gl, www.zeanet.dk, herlev.dk, eastgreenland.com, qeqqata.gl, energy.zapp.dk, holbaek.dk, www.installationsblanket.dk, isg.gl, eltjek24.dk, kujalleq.gl, sef.dk, ritzau.com, solrod.dk, konstant.dk, flow-elnet.dk, govmin.gl, qeqertalik.gl, selvbetjening.sef.dk
Targets from prev attack(0):
Dismissed Targets(22): budgetenergi.dk, e-commerce.airgreenland.com, www.borger.dk, en.midtjyllandslufthavn.dk, mit.dk, ringsted.dk, bus.gl, rigsadvokaten.dk, hvidvask.dk, netbutik.postnord.dk, traveltrade.visitgreenland.com, www.rn.dk, sdkgroup.com, www.nrg.dk, www.stamps.gl, login.politi.dk, copenhagensuborbitals.com, byret.dk, ens.dk, handelsretten.dk, nrgi.dk, www.scangl.dk

Detected attack on 2026-03-28_11-10-09

codabar@42de.it (Alfredo Terrone) — Sat, 28 Mar 2026 11:10:09 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Greenland. Key sectors affected include e-commerce, travel, and public services, with notable sites such as netbutik.postnord.dk, traveltrade.visitgreenland.com, and login.politi.dk being compromised. The attacks highlight a significant focus on Danish governmental and commercial entities.^{AI generated}
22 targets are under attack, 2 new targets and 20 targets from previous attack
New Targets(2): e-commerce.airgreenland.com, bus.gl
Targets from prev attack(20): netbutik.postnord.dk, traveltrade.visitgreenland.com, byret.dk, www.rn.dk, www.scangl.dk, mit.dk, www.nrg.dk, hvidvask.dk, en.midtjyllandslufthavn.dk, budgetenergi.dk, www.stamps.gl, ringsted.dk, handelsretten.dk, rigsadvokaten.dk, login.politi.dk, ens.dk, nrgi.dk, copenhagensuborbitals.com, www.borger.dk, sdkgroup.com
Dismissed Targets(0):

Detected attack on 2026-03-28_07-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 28 Mar 2026 07:10:08 +0000

Noname057(16) has targeted various websites primarily in Denmark and Greenland. The attacks include government-related sites, energy companies, and travel services. Key countries under attack are Denmark, with multiple sites such as handelsretten.dk, nrg.dk, and politi.dk, as well as Greenland, represented by traveltrade.visitgreenland.com and stamps.gl.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): handelsretten.dk, traveltrade.visitgreenland.com, www.nrg.dk, www.scangl.dk, rigsadvokaten.dk, mit.dk, ens.dk, www.stamps.gl, copenhagensuborbitals.com, hvidvask.dk, login.politi.dk, netbutik.postnord.dk, www.rn.dk, byret.dk, www.borger.dk, budgetenergi.dk, sdkgroup.com, nrgi.dk, ringsted.dk, en.midtjyllandslufthavn.dk
Targets from prev attack(0):
Dismissed Targets(27): billig-strom.dk, zapp.min-forsyning.dk, www.egedalkommune.dk, www.hillerod.dk, avannaata.gl, www.dragoer.dk, www.frederikssund.dk, aul.gl, rahnet.dk, albertslund.dk, www.faxekommune.dk, albatros-arctic-circle.com, www.htk.dk, elnet.dk, www.guldborgsund.dk, www.ballerup.dk, nuukwatertaxi.gl, www.horsholm.dk, www.inatsisartut.gl, www.brondby.dk, www.gladsaxe.dk, www.frederiksberg.dk, www.furesoe.dk, fredensborg.dk, www.koege.dk, www.ombudsmand.gl, www.lolland.dk

Detected attack on 2026-03-27_16-20-08

codabar@42de.it (Alfredo Terrone) — Fri, 27 Mar 2026 16:20:08 +0000

The sites attacked by noname057 primarily belong to Denmark and Greenland, with a focus on local government and municipal websites. Key targets include various municipalities such as Hørsholm, Fredensborg, Køge, and Gladsaxe, as well as services related to energy and transportation in Greenland. The attacks highlight a significant interest in disrupting local governance and public services in these regions.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.horsholm.dk, billig-strom.dk, www.koege.dk, fredensborg.dk, aul.gl, www.faxekommune.dk, albatros-arctic-circle.com, avannaata.gl, nuukwatertaxi.gl, www.lolland.dk, www.gladsaxe.dk, zapp.min-forsyning.dk, www.frederiksberg.dk, www.egedalkommune.dk, elnet.dk, www.hillerod.dk, www.inatsisartut.gl, rahnet.dk, www.brondby.dk, www.htk.dk, www.ballerup.dk, www.furesoe.dk, www.dragoer.dk, albertslund.dk, www.frederikssund.dk, www.ombudsmand.gl, www.guldborgsund.dk
Dismissed Targets(1): kujalleq.gl

Detected attack on 2026-03-27_16-15-08

codabar@42de.it (Alfredo Terrone) — Fri, 27 Mar 2026 16:15:08 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Greenland. Notable affected sites include various municipal and regional government websites such as horsholm.dk, fredensborg.dk, and koege.dk, as well as local services like nuukwatertaxi.gl and albatros-arctic-circle.com. The attacks highlight a significant focus on Danish public sector entities and services.^{AI generated}
28 targets are under attack, 0 new targets and 28 targets from previous attack
New Targets(0):
Targets from prev attack(28): www.horsholm.dk, billig-strom.dk, www.koege.dk, fredensborg.dk, aul.gl, www.faxekommune.dk, albatros-arctic-circle.com, avannaata.gl, nuukwatertaxi.gl, www.lolland.dk, www.gladsaxe.dk, zapp.min-forsyning.dk, www.frederiksberg.dk, www.egedalkommune.dk, elnet.dk, www.hillerod.dk, www.inatsisartut.gl, rahnet.dk, www.brondby.dk, www.htk.dk, www.ballerup.dk, www.furesoe.dk, www.dragoer.dk, albertslund.dk, www.frederikssund.dk, www.ombudsmand.gl, kujalleq.gl, www.guldborgsund.dk
Dismissed Targets(11): eastgreenland.com, isg.gl, govmin.gl, naalakkersuisut.gl, www.installationsblanket.dk, www.sullissivik.gl, konstant.dk, www.zeanet.dk, herlev.dk, flow-elnet.dk, energy.zapp.dk

Detected attack on 2026-03-27_16-05-41

codabar@42de.it (Alfredo Terrone) — Fri, 27 Mar 2026 16:05:41 +0000

Noname057(16) has targeted various websites primarily in Denmark and Greenland. The attacks have affected municipal sites such as www.frederiksberg.dk, www.frederikssund.dk, and www.koege.dk, as well as other regional platforms like www.hillerod.dk and www.gladsaxe.dk. Additionally, several Greenlandic sites, including avannaata.gl and nuukwatertaxi.gl, have also been compromised. The attacks highlight a significant focus on local government and service-oriented websites within these countries.^{AI generated}
39 targets are under attack, 1 new targets and 38 targets from previous attack
New Targets(1): avannaata.gl
Targets from prev attack(38): www.frederiksberg.dk, www.frederikssund.dk, www.koege.dk, fredensborg.dk, www.dragoer.dk, nuukwatertaxi.gl, www.faxekommune.dk, zapp.min-forsyning.dk, eastgreenland.com, rahnet.dk, www.zeanet.dk, herlev.dk, www.egedalkommune.dk, www.gladsaxe.dk, isg.gl, www.htk.dk, govmin.gl, www.hillerod.dk, flow-elnet.dk, albertslund.dk, konstant.dk, www.inatsisartut.gl, www.furesoe.dk, kujalleq.gl, naalakkersuisut.gl, www.sullissivik.gl, www.guldborgsund.dk, energy.zapp.dk, www.lolland.dk, aul.gl, albatros-arctic-circle.com, billig-strom.dk, www.horsholm.dk, www.ballerup.dk, www.ombudsmand.gl, www.brondby.dk, www.installationsblanket.dk, elnet.dk
Dismissed Targets(0):

Detected attack on 2026-03-27_11-05-10

codabar@42de.it (Alfredo Terrone) — Fri, 27 Mar 2026 11:05:10 +0000

The sites attacked by noname057 primarily belong to Denmark and Greenland. Notable Danish municipalities include Albertslund, Herlev, Egedal, Høje-Taastrup, Gladsaxe, and Frederiksberg, among others. Additionally, several websites related to Greenland's governance and services, such as Naalakkersuisut and Inatsisartut, were also targeted. The attacks highlight a significant focus on local government and public service websites in these regions.^{AI generated}
38 targets are under attack, 10 new targets and 28 targets from previous attack
New Targets(10): eastgreenland.com, www.ombudsmand.gl, www.sullissivik.gl, nuukwatertaxi.gl, aul.gl, kujalleq.gl, isg.gl, naalakkersuisut.gl, www.inatsisartut.gl, albatros-arctic-circle.com
Targets from prev attack(28): albertslund.dk, herlev.dk, www.htk.dk, www.egedalkommune.dk, flow-elnet.dk, konstant.dk, elnet.dk, www.frederikssund.dk, www.gladsaxe.dk, www.horsholm.dk, www.zeanet.dk, www.hillerod.dk, fredensborg.dk, www.frederiksberg.dk, www.lolland.dk, billig-strom.dk, www.furesoe.dk, www.ballerup.dk, www.guldborgsund.dk, govmin.gl, www.koege.dk, energy.zapp.dk, www.installationsblanket.dk, www.dragoer.dk, zapp.min-forsyning.dk, www.faxekommune.dk, www.brondby.dk, rahnet.dk
Dismissed Targets(0):

Detected attack on 2026-03-27_07-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 27 Mar 2026 07:05:09 +0000

The recent attacks by the group noname057(16) primarily targeted Danish municipal websites. Key cities under attack include Frederikssund, Hørsholm, Herlev, Frederiksberg, Furesø, Gladsaxe, and Ballerup, among others. These cyber incidents have impacted various local government and utility services across Denmark.^{AI generated}
28 targets are under attack, 28 new targets and 0 targets from previous attack
New Targets(28): www.frederikssund.dk, www.horsholm.dk, billig-strom.dk, www.frederiksberg.dk, herlev.dk, www.furesoe.dk, www.gladsaxe.dk, fredensborg.dk, www.egedalkommune.dk, energy.zapp.dk, flow-elnet.dk, www.koege.dk, albertslund.dk, www.guldborgsund.dk, www.htk.dk, elnet.dk, www.brondby.dk, zapp.min-forsyning.dk, www.zeanet.dk, www.faxekommune.dk, govmin.gl, konstant.dk, www.hillerod.dk, www.ballerup.dk, www.installationsblanket.dk, rahnet.dk, www.lolland.dk, www.dragoer.dk
Targets from prev attack(0):
Dismissed Targets(21): horsens.dk, www.dtu.dk, www.billund.dk, www.kolding.dk, www.aalborg.dk, nordenerginet.dk, holbaek.dk, 34.165.118.20, www.odense.dk, en.energinet.dk, solrod.dk, www.moviatrafik.dk, www.vejle.dk, digst.dk, m.dk, www.roskilde.dk, 64.177.64.234, eltjek24.dk, sef.dk, selvbetjening.sef.dk, www.randers.dk

Detected attack on 2026-03-26_08-45-09

codabar@42de.it (Alfredo Terrone) — Thu, 26 Mar 2026 08:45:09 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark. Key cities affected include Aalborg, Vejle, Horsens, Randers, Kolding, Billund, Holbaek, Roskilde, Odense, and several others. The attacks also impacted national infrastructure sites, highlighting a focus on Danish governmental and energy sector websites.^{AI generated}
21 targets are under attack, 2 new targets and 19 targets from previous attack
New Targets(2): 34.165.118.20, 64.177.64.234
Targets from prev attack(19): solrod.dk, www.aalborg.dk, www.vejle.dk, eltjek24.dk, horsens.dk, www.randers.dk, digst.dk, www.kolding.dk, www.billund.dk, holbaek.dk, www.dtu.dk, en.energinet.dk, www.roskilde.dk, www.odense.dk, www.moviatrafik.dk, sef.dk, selvbetjening.sef.dk, nordenerginet.dk, m.dk
Dismissed Targets(0):

Detected attack on 2026-03-26_07-30-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Mar 2026 07:30:08 +0000

The attacks by noname057 primarily targeted Denmark, with various local government and utility websites being affected. Key cities under attack include Copenhagen, Aalborg, Odense, Holbæk, Randers, Horsens, Roskilde, Vejle, Billund, and Kolding. The attacks also impacted energy and transportation services, highlighting vulnerabilities in critical infrastructure.^{AI generated}
19 targets are under attack, 1 new targets and 18 targets from previous attack
New Targets(1): m.dk
Targets from prev attack(18): nordenerginet.dk, eltjek24.dk, en.energinet.dk, www.dtu.dk, solrod.dk, www.vejle.dk, selvbetjening.sef.dk, www.billund.dk, www.aalborg.dk, www.moviatrafik.dk, www.randers.dk, sef.dk, horsens.dk, www.roskilde.dk, digst.dk, www.odense.dk, www.kolding.dk, holbaek.dk
Dismissed Targets(0):

Detected attack on 2026-03-26_07-25-12

codabar@42de.it (Alfredo Terrone) — Thu, 26 Mar 2026 07:25:12 +0000

Noname057(16) has targeted various websites primarily in Denmark. The attacked sites include local government and energy-related platforms, indicating a focus on critical infrastructure and municipal services. Key cities under attack include Holbæk, Nordenergi, Vejle, Billund, Aalborg, Randers, Roskilde, Odense, and Kolding, highlighting a concentrated effort against Danish online resources.^{AI generated}
18 targets are under attack, 4 new targets and 14 targets from previous attack
New Targets(4): www.roskilde.dk, digst.dk, www.moviatrafik.dk, www.dtu.dk
Targets from prev attack(14): nordenerginet.dk, eltjek24.dk, en.energinet.dk, solrod.dk, www.vejle.dk, www.billund.dk, www.aalborg.dk, selvbetjening.sef.dk, sef.dk, www.randers.dk, horsens.dk, www.odense.dk, www.kolding.dk, holbaek.dk
Dismissed Targets(0):

Detected attack on 2026-03-26_07-20-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Mar 2026 07:20:08 +0000

Noname057(16) has targeted several websites in Denmark, primarily affecting local government and energy-related sites. The principal cities under attack include Aalborg, Vejle, Kolding, Horsens, Odense, Randers, Holbæk, and Billund, indicating a focused effort on municipal services and infrastructure.^{AI generated}
14 targets are under attack, 4 new targets and 10 targets from previous attack
New Targets(4): www.randers.dk, horsens.dk, www.vejle.dk, www.kolding.dk
Targets from prev attack(10): selvbetjening.sef.dk, holbaek.dk, en.energinet.dk, www.odense.dk, www.aalborg.dk, www.billund.dk, sef.dk, eltjek24.dk, solrod.dk, nordenerginet.dk
Dismissed Targets(0):

Detected attack on 2026-03-26_07-15-07

codabar@42de.it (Alfredo Terrone) — Thu, 26 Mar 2026 07:15:07 +0000

Noname057(16) has targeted various websites primarily in Denmark. The attacked sites include governmental and energy-related platforms, indicating a focus on critical infrastructure. Key cities under attack include Aalborg, Odense, Holbaek, and Billund, along with national energy organizations like Energinet. The attacks suggest a strategic interest in disrupting public services and energy management in the region.^{AI generated}
10 targets are under attack, 5 new targets and 5 targets from previous attack
New Targets(5): www.aalborg.dk, www.odense.dk, holbaek.dk, www.billund.dk, solrod.dk
Targets from prev attack(5): selvbetjening.sef.dk, en.energinet.dk, sef.dk, eltjek24.dk, nordenerginet.dk
Dismissed Targets(0):

Detected attack on 2026-03-26_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Mar 2026 07:10:08 +0000

The sites attacked by noname057 include various energy and utility companies primarily from Denmark. Key targets are eltjek24.dk, nordenerginet.dk, en.energinet.dk, selvbetjening.sef.dk, and sef.dk, indicating a focus on the Danish energy sector.^{AI generated}
5 targets are under attack, 5 new targets and 0 targets from previous attack
New Targets(5): eltjek24.dk, nordenerginet.dk, en.energinet.dk, selvbetjening.sef.dk, sef.dk
Targets from prev attack(0):
Dismissed Targets(27): www.vindstoed.dk, www.ritzau.dk, ritzau.com, mit.nanoqmedia.gl, portofkalundborg.dk, sermersooq.gl, avannaata.gl, www.knr.gl, www.rk.dk, nanoqmedia.gl, www.l-net.dk, nordicshipping.csl-consult.dk, www.gronlandskehavnelods.dk, nrgi.dk, www.banken.gl, qeqertalik.gl, loginportal.nrgi.dk, en.midtjyllandslufthavn.dk, www.dr.dk, via.ritzau.dk, rudersdal.dk, greenpowerdenmark.dk, stat.gl, www.energiviborg.dk, kundeportal.energiviborg.dk, qeqqata.gl, www.regionoest.dk

Detected attack on 2026-03-25_11-05-08

codabar@42de.it (Alfredo Terrone) — Wed, 25 Mar 2026 11:05:08 +0000

The attacks by noname057 primarily targeted Denmark and Greenland, affecting various websites including news agencies, local government portals, and energy companies. Notable sites under attack include ritzau.dk, energiviborg.dk, and multiple Greenlandic domains such as avannaata.gl and knr.gl.^{AI generated}
27 targets are under attack, 10 new targets and 17 targets from previous attack
New Targets(10): qeqertalik.gl, sermersooq.gl, qeqqata.gl, www.gronlandskehavnelods.dk, www.knr.gl, stat.gl, mit.nanoqmedia.gl, www.banken.gl, nanoqmedia.gl, avannaata.gl
Targets from prev attack(17): www.ritzau.dk, ritzau.com, www.energiviborg.dk, en.midtjyllandslufthavn.dk, www.rk.dk, www.regionoest.dk, portofkalundborg.dk, rudersdal.dk, nrgi.dk, kundeportal.energiviborg.dk, via.ritzau.dk, nordicshipping.csl-consult.dk, loginportal.nrgi.dk, www.vindstoed.dk, www.l-net.dk, www.dr.dk, greenpowerdenmark.dk
Dismissed Targets(0):

Detected attack on 2026-03-25_07-10-08

codabar@42de.it (Alfredo Terrone) — Wed, 25 Mar 2026 07:10:08 +0000

The sites attacked by noname057(16) primarily belong to Denmark, indicating a focused cyber threat in this region. The targeted websites include various local news outlets, energy companies, and municipal services, highlighting a potential interest in critical infrastructure and information dissemination within the country.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.energiviborg.dk, ritzau.com, www.rk.dk, www.dr.dk, via.ritzau.dk, www.regionoest.dk, en.midtjyllandslufthavn.dk, nordicshipping.csl-consult.dk, greenpowerdenmark.dk, www.vindstoed.dk, www.l-net.dk, www.ritzau.dk, portofkalundborg.dk, kundeportal.energiviborg.dk, loginportal.nrgi.dk, nrgi.dk, rudersdal.dk
Targets from prev attack(0):
Dismissed Targets(21): testhvidvask.politi.dk, mit.dk, traveltrade.visitgreenland.com, statistikbanken.dk, politiken.dk, businessindenmark.virk.dk, arcticexcursions.com, hvidvask.politi.dk, kombit.dk, www.dmi.dk, login.politi.dk, www.slagelse.dk, expeditionsgreenland.gl, ens.dk, explorer.dst.dk, hvidvask.dk, sdkgroup.com, www.stamps.gl, workindenmark.dk, www.valgprojektet.dk, nyidanmark.dk

Detected attack on 2026-03-24_14-55-24

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 14:55:24 +0000

Noname057(16) has targeted various websites primarily in Denmark. The attacked sites include government and tourism-related platforms, such as sdkgroup.com, testhvidvask.politi.dk, and traveltrade.visitgreenland.com. Other notable targets are ens.dk, stamps.gl, and several local government sites like nyidanmark.dk and slagelse.dk. The campaign highlights a focus on Danish institutions and services, indicating a concentrated effort within this country.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): sdkgroup.com, testhvidvask.politi.dk, traveltrade.visitgreenland.com, ens.dk, www.stamps.gl, nyidanmark.dk, www.slagelse.dk, explorer.dst.dk, hvidvask.dk, businessindenmark.virk.dk, mit.dk, hvidvask.politi.dk, expeditionsgreenland.gl, login.politi.dk, statistikbanken.dk, politiken.dk, arcticexcursions.com, workindenmark.dk, kombit.dk, www.valgprojektet.dk, www.dmi.dk
Dismissed Targets(1): www.sdu.dk

Detected attack on 2026-03-24_12-15-08

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 12:15:08 +0000

The attacks attributed to noname057(16) primarily target websites in Denmark and Greenland. Key sectors affected include government services, educational institutions, and tourism-related sites. Notable targets include stamps.gl, sdu.dk, and various Danish police and statistics websites, indicating a focus on critical infrastructure and public services in these regions.^{AI generated}
22 targets are under attack, 4 new targets and 18 targets from previous attack
New Targets(4): www.stamps.gl, traveltrade.visitgreenland.com, expeditionsgreenland.gl, arcticexcursions.com
Targets from prev attack(18): nyidanmark.dk, www.slagelse.dk, mit.dk, hvidvask.politi.dk, www.sdu.dk, hvidvask.dk, ens.dk, workindenmark.dk, politiken.dk, www.dmi.dk, www.valgprojektet.dk, statistikbanken.dk, businessindenmark.virk.dk, sdkgroup.com, kombit.dk, testhvidvask.politi.dk, explorer.dst.dk, login.politi.dk
Dismissed Targets(0):

Detected attack on 2026-03-24_07-25-08

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 07:25:08 +0000

The attacks attributed to noname057(16) primarily targeted websites in Denmark. Key sectors affected include government services, law enforcement, and public information platforms. Notable sites attacked include explorer.dst.dk, login.politi.dk, and dmi.dk, among others, indicating a focus on critical national infrastructure and public services.^{AI generated}
18 targets are under attack, 1 new targets and 17 targets from previous attack
New Targets(1): www.sdu.dk
Targets from prev attack(17): explorer.dst.dk, login.politi.dk, hvidvask.dk, www.dmi.dk, ens.dk, www.slagelse.dk, workindenmark.dk, www.valgprojektet.dk, politiken.dk, mit.dk, hvidvask.politi.dk, businessindenmark.virk.dk, testhvidvask.politi.dk, statistikbanken.dk, sdkgroup.com, kombit.dk, nyidanmark.dk
Dismissed Targets(0):

Detected attack on 2026-03-24_07-20-08

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 07:20:08 +0000

Noname057(16) has targeted various websites primarily from Denmark. The attacked sites include government and public service platforms, such as kombit.dk, hvidvask.politi.dk, and login.politi.dk, indicating a focus on national infrastructure. Additionally, commercial and statistical sites like sdkgroup.com and statistikbanken.dk were also affected, highlighting a broader attack on both public and private sectors within the country.^{AI generated}
17 targets are under attack, 6 new targets and 11 targets from previous attack
New Targets(6): www.dmi.dk, www.slagelse.dk, ens.dk, workindenmark.dk, nyidanmark.dk, mit.dk
Targets from prev attack(11): kombit.dk, www.valgprojektet.dk, hvidvask.politi.dk, sdkgroup.com, businessindenmark.virk.dk, explorer.dst.dk, testhvidvask.politi.dk, hvidvask.dk, statistikbanken.dk, login.politi.dk, politiken.dk
Dismissed Targets(0):

Detected attack on 2026-03-24_07-15-08

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 07:15:08 +0000

Noname057(16) has targeted various websites primarily in Denmark. The attacked sites include government and statistical platforms, such as kombit.dk and statistikbanken.dk, as well as law enforcement-related sites like hvidvask.politi.dk and login.politi.dk. Additionally, the group has targeted business and project-related websites, including sdkgroup.com and businessindenmark.virk.dk.^{AI generated}
11 targets are under attack, 2 new targets and 9 targets from previous attack
New Targets(2): www.valgprojektet.dk, politiken.dk
Targets from prev attack(9): kombit.dk, hvidvask.politi.dk, sdkgroup.com, businessindenmark.virk.dk, testhvidvask.politi.dk, explorer.dst.dk, statistikbanken.dk, hvidvask.dk, login.politi.dk
Dismissed Targets(0):

Detected attack on 2026-03-24_07-10-10

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 07:10:10 +0000

Noname057(16) has targeted several websites primarily in Denmark. The attacked sites include login.politi.dk and testhvidvask.politi.dk, which are associated with the Danish police and anti-money laundering efforts. Other affected sites include statistikbanken.dk, a statistical database, and sdkgroup.com, representing a business group. Additionally, kombit.dk and businessindenmark.virk.dk are involved in public sector IT solutions and business support in Denmark. Overall, the attacks predominantly focus on Danish governmental and business-related platforms.^{AI generated}
9 targets are under attack, 1 new targets and 8 targets from previous attack
New Targets(1): kombit.dk
Targets from prev attack(8): login.politi.dk, testhvidvask.politi.dk, hvidvask.dk, sdkgroup.com, statistikbanken.dk, explorer.dst.dk, hvidvask.politi.dk, businessindenmark.virk.dk
Dismissed Targets(6): ral.gl, visitgreenland.com, www.diskoline.gl, bus.gl, sikuki.gl, www.greenland-travel.com

Detected attack on 2026-03-24_07-05-07

codabar@42de.it (Alfredo Terrone) — Tue, 24 Mar 2026 07:05:07 +0000

Noname057(16) has targeted various websites primarily in Denmark and Greenland. The attacked sites include government portals such as login.politi.dk and testhvidvask.politi.dk, as well as travel and business-related platforms like www.greenland-travel.com and businessindenmark.virk.dk. Other notable targets include statistikbanken.dk and sdkgroup.com, indicating a focus on both public services and tourism sectors in these regions.^{AI generated}
14 targets are under attack, 8 new targets and 6 targets from previous attack
New Targets(8): login.politi.dk, testhvidvask.politi.dk, hvidvask.dk, sdkgroup.com, statistikbanken.dk, explorer.dst.dk, hvidvask.politi.dk, businessindenmark.virk.dk
Targets from prev attack(6): ral.gl, visitgreenland.com, www.diskoline.gl, bus.gl, sikuki.gl, www.greenland-travel.com
Dismissed Targets(22): www.rn.dk, socialistiskfolkeparti.dk, radikalevenstre.dk, www.nrg.dk, konservative.dk, www.taarnby.dk, www.airports.gl, airgreenland.com, copenhagensuborbitals.com, ntg.com, login.konservative.dk, handelsretten.dk, byret.dk, www.scangl.dk, borgernesparti.dk, www.borger.dk, netbutik.postnord.dk, energinet.dk, eng.navigation.gl, e-commerce.airgreenland.com, rigsadvokaten.dk, ringsted.dk

Detected attack on 2026-03-23_11-05-10

codabar@42de.it (Alfredo Terrone) — Mon, 23 Mar 2026 11:05:10 +0000

The attacks by noname057 primarily target websites in Denmark and Greenland. Key sectors affected include government, travel, and political organizations, with notable sites like borger.dk, airgreenland.com, and visitgreenland.com being compromised.^{AI generated}
28 targets are under attack, 10 new targets and 18 targets from previous attack
New Targets(10): ral.gl, bus.gl, www.airports.gl, eng.navigation.gl, www.diskoline.gl, e-commerce.airgreenland.com, visitgreenland.com, www.greenland-travel.com, airgreenland.com, sikuki.gl
Targets from prev attack(18): ntg.com, www.nrg.dk, www.rn.dk, copenhagensuborbitals.com, rigsadvokaten.dk, handelsretten.dk, borgernesparti.dk, byret.dk, netbutik.postnord.dk, ringsted.dk, www.borger.dk, login.konservative.dk, www.taarnby.dk, konservative.dk, energinet.dk, www.scangl.dk, radikalevenstre.dk, socialistiskfolkeparti.dk
Dismissed Targets(0):

Detected attack on 2026-03-23_07-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 23 Mar 2026 07:10:08 +0000

Noname057(16) has targeted several websites primarily in Denmark. The attacked sites include political party websites such as konservative.dk and socialistiskfolkeparti.dk, as well as various government and municipal sites like borger.dk and ringsted.dk. Other targeted entities include energy companies like nrg.dk and online services such as netbutik.postnord.dk. The attacks reflect a specific focus on Danish institutions and organizations.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): login.konservative.dk, rigsadvokaten.dk, konservative.dk, handelsretten.dk, www.borger.dk, www.nrg.dk, www.rn.dk, socialistiskfolkeparti.dk, ringsted.dk, energinet.dk, netbutik.postnord.dk, byret.dk, borgernesparti.dk, ntg.com, radikalevenstre.dk, www.scangl.dk, copenhagensuborbitals.com, www.taarnby.dk
Targets from prev attack(0):
Dismissed Targets(19): siveco.ro, www.ifbfinwest.ro, victorstanila.ro, www.imm.gov.ro, rocaindustry.ro, www.isf.ro, www.transilvaniabroker.ro, ro.dbcargo.com, portal.just.ro, inm-lex.ro, www.astratranscarpatic.ro, www.gecad.com, rafo.ro, www.unpir.ro, www.bega.ro, www.alro.ro, www.cfrcalatori.ro, investingromania.com, e-guvernare.ro

Detected attack on 2026-03-22_09-00-09

codabar@42de.it (Alfredo Terrone) — Sun, 22 Mar 2026 09:00:09 +0000

Noname057(16) has targeted various websites primarily in Romania. The affected sites include government portals, financial institutions, and transportation services, highlighting a significant focus on critical infrastructure and public services in the country.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.transilvaniabroker.ro, victorstanila.ro, www.imm.gov.ro, inm-lex.ro, ro.dbcargo.com, investingromania.com, portal.just.ro, www.astratranscarpatic.ro, e-guvernare.ro, rocaindustry.ro, www.unpir.ro, www.gecad.com, www.ifbfinwest.ro, www.isf.ro, www.alro.ro, www.bega.ro, rafo.ro, www.cfrcalatori.ro, siveco.ro
Targets from prev attack(0):
Dismissed Targets(17): www.cdep.ro, timrailcargo.ro, www.iccj.ro, arbitration.ccir.ro, www.afer.ro, www.scj.ro, www.rarom.ro, www.just.ro, www.mapn.ro, mersultrenurilor.infofer.ro, cfr.ro, www.onrc.ro, www.rominvent.ro, api.molromania.ro, revasimeria.ro, www.snam.ro, www.metrorex.ro

Detected attack on 2026-03-21_07-05-08

codabar@42de.it (Alfredo Terrone) — Sat, 21 Mar 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include government and transportation-related entities, such as the Ministry of National Defense (mapn.ro), the Romanian Railway Company (cfr.ro), and the High Court of Cassation and Justice (iccj.ro). Other affected organizations include arbitration and legal institutions, as well as public utilities like Metrorex, indicating a focus on critical infrastructure and public services in Romania.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.scj.ro, www.snam.ro, timrailcargo.ro, www.rominvent.ro, www.mapn.ro, arbitration.ccir.ro, revasimeria.ro, www.iccj.ro, www.afer.ro, www.rarom.ro, www.onrc.ro, www.just.ro, api.molromania.ro, www.metrorex.ro, cfr.ro, mersultrenurilor.infofer.ro, www.cdep.ro
Targets from prev attack(0):
Dismissed Targets(23): www.rail.co.il, www.electroputere.ro, www.bcr.ro, www.gahat.com, www.csalb.ro, www.bcrlocuinte.ro, www.brci.ro, www.ariel.muni.il, zionutdatit.org.il, www.eutralog.com, www.cfir.co.il, www.bg-paint.co.il, www.ibr-rbi.ro, noamparty.org.il, www.eximbank.ro, www.groupama.ro, gfr.ro, www.umelfahem.org, shas.org.il, e-prail.ro, magam-safety.com, www.rosh-haayin.muni.il, bilete.cfrcalatori.ro

Detected attack on 2026-03-20_17-10-17

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 17:10:17 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key sectors affected include transportation, banking, and local government services. Notable sites include Israeli rail and municipal websites, as well as Romanian banking and transportation services.^{AI generated}
23 targets are under attack, 0 new targets and 23 targets from previous attack
New Targets(0):
Targets from prev attack(23): www.rail.co.il, www.bg-paint.co.il, www.brci.ro, www.csalb.ro, noamparty.org.il, www.bcr.ro, gfr.ro, www.ariel.muni.il, e-prail.ro, www.ibr-rbi.ro, www.eutralog.com, www.groupama.ro, bilete.cfrcalatori.ro, www.gahat.com, www.electroputere.ro, www.rosh-haayin.muni.il, magam-safety.com, www.umelfahem.org, shas.org.il, zionutdatit.org.il, www.cfir.co.il, www.bcrlocuinte.ro, www.eximbank.ro
Dismissed Targets(7): www.ifbfinwest.ro, victorstanila.ro, ro.dbcargo.com, www.cfrcalatori.ro, www.transilvaniabroker.ro, www.alro.ro, siveco.ro

Detected attack on 2026-03-20_17-05-14

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 17:05:14 +0000

The attacks attributed to noname057 primarily targeted websites in Israel and Romania. Key sectors affected include transportation, finance, and local government services. Notable sites include rail and municipal websites from Israel, as well as various financial and commercial platforms from Romania.^{AI generated}
30 targets are under attack, 0 new targets and 30 targets from previous attack
New Targets(0):
Targets from prev attack(30): www.rail.co.il, www.bg-paint.co.il, www.brci.ro, www.csalb.ro, noamparty.org.il, www.cfrcalatori.ro, www.transilvaniabroker.ro, www.bcr.ro, gfr.ro, www.ariel.muni.il, www.ifbfinwest.ro, victorstanila.ro, e-prail.ro, ro.dbcargo.com, www.ibr-rbi.ro, www.alro.ro, www.eutralog.com, www.groupama.ro, bilete.cfrcalatori.ro, www.gahat.com, www.electroputere.ro, www.rosh-haayin.muni.il, magam-safety.com, www.umelfahem.org, shas.org.il, zionutdatit.org.il, www.cfir.co.il, www.bcrlocuinte.ro, siveco.ro, www.eximbank.ro
Dismissed Targets(2): rafo.ro, www.bega.ro

Detected attack on 2026-03-20_14-30-11

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 14:30:11 +0000

Noname057(16) has targeted various websites primarily in Romania and Israel. The attacks include sites from sectors such as finance, transportation, and local government. Key countries under attack are Romania, with numerous sites like bcr.ro, e-prail.ro, and gahat.com, and Israel, featuring sites such as noamparty.org.il, cfir.co.il, and shas.org.il. The diversity of the targeted sites indicates a broad interest in disrupting services across different sectors in these nations.^{AI generated}
32 targets are under attack, 1 new targets and 31 targets from previous attack
New Targets(1): www.umelfahem.org
Targets from prev attack(31): www.gahat.com, noamparty.org.il, e-prail.ro, www.ifbfinwest.ro, www.bg-paint.co.il, www.brci.ro, www.bcr.ro, siveco.ro, rafo.ro, www.ibr-rbi.ro, www.bega.ro, www.cfir.co.il, www.rail.co.il, www.rosh-haayin.muni.il, www.transilvaniabroker.ro, shas.org.il, www.csalb.ro, www.eximbank.ro, victorstanila.ro, www.electroputere.ro, www.bcrlocuinte.ro, www.eutralog.com, ro.dbcargo.com, www.alro.ro, magam-safety.com, zionutdatit.org.il, gfr.ro, www.ariel.muni.il, www.groupama.ro, www.cfrcalatori.ro, bilete.cfrcalatori.ro
Dismissed Targets(0):

Detected attack on 2026-03-20_14-25-23

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 14:25:23 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key sectors affected include finance, transportation, and local government services. Notable sites under attack include financial institutions like bcr.ro and eximbank.ro, as well as various municipal and transportation-related sites in both countries.^{AI generated}
31 targets are under attack, 1 new targets and 30 targets from previous attack
New Targets(1): www.ibr-rbi.ro
Targets from prev attack(30): www.gahat.com, noamparty.org.il, e-prail.ro, www.ifbfinwest.ro, www.bg-paint.co.il, www.brci.ro, www.bcr.ro, siveco.ro, rafo.ro, www.bega.ro, www.cfir.co.il, www.rail.co.il, www.rosh-haayin.muni.il, www.transilvaniabroker.ro, victorstanila.ro, www.csalb.ro, www.eximbank.ro, www.electroputere.ro, shas.org.il, www.bcrlocuinte.ro, www.eutralog.com, ro.dbcargo.com, www.alro.ro, magam-safety.com, zionutdatit.org.il, gfr.ro, www.ariel.muni.il, www.groupama.ro, www.cfrcalatori.ro, bilete.cfrcalatori.ro
Dismissed Targets(1): www.umelfahem.org

Detected attack on 2026-03-20_14-20-41

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 14:20:41 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key Israeli sites include various municipal and organizational platforms, such as rail.co.il and zionutdatit.org.il. In Romania, the attacks focus on a range of sectors, including transportation and finance, with sites like bega.ro, siveco.ro, and bcr.ro being notable examples. Overall, the campaign shows a concentrated effort against entities in these two countries.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): www.rail.co.il, www.ariel.muni.il, www.bega.ro, zionutdatit.org.il, www.brci.ro, siveco.ro, www.bcrlocuinte.ro, www.alro.ro, www.csalb.ro, www.eutralog.com, bilete.cfrcalatori.ro, www.rosh-haayin.muni.il, gfr.ro, www.groupama.ro, www.cfir.co.il, www.eximbank.ro, www.gahat.com, www.bcr.ro, victorstanila.ro, www.bg-paint.co.il, www.electroputere.ro, shas.org.il, noamparty.org.il, ro.dbcargo.com, www.cfrcalatori.ro, rafo.ro, e-prail.ro, magam-safety.com, www.ifbfinwest.ro, www.umelfahem.org, www.transilvaniabroker.ro
Dismissed Targets(1): www.ibr-rbi.ro

Detected attack on 2026-03-20_12-30-10

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 12:30:10 +0000

The attacks attributed to noname057 primarily targeted websites in Romania and Israel. Key Romanian sites include e-prail.ro, siveco.ro, and bcr.ro, while notable Israeli targets include noamparty.org.il, bg-paint.co.il, and shas.org.il. These attacks reflect a focus on various sectors, including transportation, finance, and government services.^{AI generated}
32 targets are under attack, 1 new targets and 31 targets from previous attack
New Targets(1): gfr.ro
Targets from prev attack(31): e-prail.ro, siveco.ro, www.alro.ro, www.cfrcalatori.ro, www.csalb.ro, www.bcrlocuinte.ro, www.electroputere.ro, ro.dbcargo.com, www.ibr-rbi.ro, noamparty.org.il, www.brci.ro, www.bg-paint.co.il, www.bega.ro, www.gahat.com, www.groupama.ro, rafo.ro, bilete.cfrcalatori.ro, www.cfir.co.il, www.rosh-haayin.muni.il, www.eximbank.ro, victorstanila.ro, www.eutralog.com, www.rail.co.il, www.umelfahem.org, magam-safety.com, www.bcr.ro, www.ifbfinwest.ro, www.ariel.muni.il, shas.org.il, www.transilvaniabroker.ro, zionutdatit.org.il
Dismissed Targets(0):

Detected attack on 2026-03-20_12-25-09

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 12:25:09 +0000

The attacks attributed to noname057 primarily target websites in Romania, Israel, and a few other countries. Key sectors affected include transportation, banking, and public services. Notable Romanian sites include e-prail.ro and bcr.ro, while Israeli targets include noamparty.org.il and shas.org.il. The attacks demonstrate a focus on critical infrastructure and financial institutions in these regions.^{AI generated}
31 targets are under attack, 1 new targets and 30 targets from previous attack
New Targets(1): www.rosh-haayin.muni.il
Targets from prev attack(30): e-prail.ro, siveco.ro, www.alro.ro, www.cfrcalatori.ro, www.csalb.ro, www.bcrlocuinte.ro, ro.dbcargo.com, www.electroputere.ro, www.ibr-rbi.ro, noamparty.org.il, www.brci.ro, www.bg-paint.co.il, www.bega.ro, www.gahat.com, www.groupama.ro, rafo.ro, bilete.cfrcalatori.ro, www.cfir.co.il, www.eximbank.ro, victorstanila.ro, www.eutralog.com, www.rail.co.il, www.umelfahem.org, magam-safety.com, www.bcr.ro, www.ifbfinwest.ro, www.ariel.muni.il, shas.org.il, www.transilvaniabroker.ro, zionutdatit.org.il
Dismissed Targets(1): gfr.ro

Detected attack on 2026-03-20_12-20-14

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 12:20:14 +0000

The attacks attributed to noname057 primarily target websites in Romania and Israel. Key sectors affected include transportation, finance, and public services, with notable sites such as alro.ro, cfrcalatori.ro, and various banking institutions like bcr.ro and eximbank.ro. Other sectors include safety and logistics, reflecting a diverse range of interests from the attackers.^{AI generated}
31 targets are under attack, 1 new targets and 30 targets from previous attack
New Targets(1): www.umelfahem.org
Targets from prev attack(30): www.alro.ro, www.cfrcalatori.ro, www.cfir.co.il, noamparty.org.il, rafo.ro, e-prail.ro, www.brci.ro, www.electroputere.ro, www.eutralog.com, bilete.cfrcalatori.ro, siveco.ro, www.bcr.ro, shas.org.il, www.groupama.ro, www.bega.ro, www.csalb.ro, victorstanila.ro, ro.dbcargo.com, www.bcrlocuinte.ro, www.transilvaniabroker.ro, magam-safety.com, www.eximbank.ro, www.bg-paint.co.il, www.gahat.com, www.rail.co.il, www.ibr-rbi.ro, www.ariel.muni.il, www.ifbfinwest.ro, gfr.ro, zionutdatit.org.il
Dismissed Targets(1): www.rosh-haayin.muni.il

Detected attack on 2026-03-20_12-15-38

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 12:15:38 +0000

Noname057(16) has targeted various websites primarily located in Romania and Israel. The attacks include Romanian sites such as alro.ro, cfrcalatori.ro, rafo.ro, and bcr.ro, among others. In Israel, the targeted sites include cfir.co.il, noamparty.org.il, and shas.org.il. The campaign highlights a focus on sectors like transportation, finance, and public services in these countries.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): www.alro.ro, www.cfrcalatori.ro, www.cfir.co.il, noamparty.org.il, rafo.ro, e-prail.ro, www.brci.ro, www.electroputere.ro, www.eutralog.com, bilete.cfrcalatori.ro, siveco.ro, www.rosh-haayin.muni.il, www.bcr.ro, shas.org.il, www.groupama.ro, www.bega.ro, www.csalb.ro, victorstanila.ro, ro.dbcargo.com, www.bcrlocuinte.ro, www.transilvaniabroker.ro, magam-safety.com, www.eximbank.ro, www.bg-paint.co.il, www.gahat.com, www.rail.co.il, www.ibr-rbi.ro, www.ariel.muni.il, www.ifbfinwest.ro, gfr.ro, zionutdatit.org.il
Dismissed Targets(1): www.umelfahem.org

Detected attack on 2026-03-20_11-55-12

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 11:55:12 +0000

The attacks attributed to noname057 primarily target websites in Romania and Israel. Key sectors affected include transportation, banking, and local government services. Notable Romanian sites include groupama.ro and bcr.ro, while Israeli targets include rosh-haayin.muni.il and ariel.muni.il. The diversity of attacked sectors highlights a broad interest in disrupting both public and private services in these countries.^{AI generated}
32 targets are under attack, 2 new targets and 30 targets from previous attack
New Targets(2): magam-safety.com, shas.org.il
Targets from prev attack(30): www.groupama.ro, bilete.cfrcalatori.ro, www.rosh-haayin.muni.il, victorstanila.ro, www.csalb.ro, www.bcrlocuinte.ro, ro.dbcargo.com, www.ibr-rbi.ro, www.gahat.com, e-prail.ro, www.bega.ro, www.umelfahem.org, www.rail.co.il, www.bcr.ro, www.electroputere.ro, www.eximbank.ro, rafo.ro, zionutdatit.org.il, www.alro.ro, www.cfir.co.il, www.ariel.muni.il, www.eutralog.com, www.cfrcalatori.ro, gfr.ro, siveco.ro, www.bg-paint.co.il, www.transilvaniabroker.ro, www.brci.ro, noamparty.org.il, www.ifbfinwest.ro
Dismissed Targets(0):

Detected attack on 2026-03-20_11-50-12

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 11:50:12 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key sectors affected include finance, transportation, and local government services. Notable sites attacked include various banking institutions, municipal websites, and transportation-related platforms, reflecting a focus on critical infrastructure in these countries.^{AI generated}
30 targets are under attack, 1 new targets and 29 targets from previous attack
New Targets(1): www.ibr-rbi.ro
Targets from prev attack(29): www.cfir.co.il, noamparty.org.il, bilete.cfrcalatori.ro, www.cfrcalatori.ro, www.ifbfinwest.ro, www.brci.ro, siveco.ro, www.eximbank.ro, www.bega.ro, www.umelfahem.org, www.rosh-haayin.muni.il, rafo.ro, www.csalb.ro, www.eutralog.com, www.electroputere.ro, www.ariel.muni.il, gfr.ro, victorstanila.ro, www.rail.co.il, zionutdatit.org.il, www.bcrlocuinte.ro, www.bcr.ro, www.groupama.ro, www.gahat.com, www.transilvaniabroker.ro, ro.dbcargo.com, e-prail.ro, www.alro.ro, www.bg-paint.co.il
Dismissed Targets(2): shas.org.il, magam-safety.com

Detected attack on 2026-03-20_11-45-13

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 11:45:13 +0000

The attacks attributed to noname057 primarily targeted websites in Israel and Romania. Key sectors affected include finance, transportation, and local government services. The majority of the attacked sites belong to organizations and institutions in these countries, highlighting a focus on critical infrastructure and community services.^{AI generated}
31 targets are under attack, 2 new targets and 29 targets from previous attack
New Targets(2): www.groupama.ro, zionutdatit.org.il
Targets from prev attack(29): www.cfir.co.il, noamparty.org.il, bilete.cfrcalatori.ro, shas.org.il, www.cfrcalatori.ro, www.ifbfinwest.ro, www.brci.ro, siveco.ro, www.eximbank.ro, www.bega.ro, www.umelfahem.org, www.rosh-haayin.muni.il, www.csalb.ro, rafo.ro, www.eutralog.com, www.electroputere.ro, gfr.ro, www.ariel.muni.il, victorstanila.ro, www.rail.co.il, www.bcrlocuinte.ro, magam-safety.com, www.bcr.ro, www.gahat.com, www.transilvaniabroker.ro, ro.dbcargo.com, e-prail.ro, www.alro.ro, www.bg-paint.co.il
Dismissed Targets(1): www.ibr-rbi.ro

Detected attack on 2026-03-20_11-40-21

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 11:40:21 +0000

The attacks attributed to noname057 primarily targeted websites in Romania and Israel. Key Romanian sites include bega.ro, rafo.ro, and bcr.ro, while Israeli sites include cfir.co.il, shas.org.il, and ariel.muni.il. The attacks reflect a focus on various sectors, including finance, transportation, and local government services in these countries.^{AI generated}
30 targets are under attack, 1 new targets and 29 targets from previous attack
New Targets(1): www.gahat.com
Targets from prev attack(29): www.bega.ro, rafo.ro, www.umelfahem.org, gfr.ro, www.electroputere.ro, www.cfir.co.il, www.bg-paint.co.il, www.csalb.ro, siveco.ro, www.bcr.ro, www.eximbank.ro, noamparty.org.il, www.ifbfinwest.ro, bilete.cfrcalatori.ro, www.bcrlocuinte.ro, e-prail.ro, shas.org.il, victorstanila.ro, www.cfrcalatori.ro, magam-safety.com, www.eutralog.com, www.ariel.muni.il, www.alro.ro, www.brci.ro, www.rosh-haayin.muni.il, www.ibr-rbi.ro, ro.dbcargo.com, www.rail.co.il, www.transilvaniabroker.ro
Dismissed Targets(2): zionutdatit.org.il, www.groupama.ro

Detected attack on 2026-03-20_11-35-19

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 11:35:19 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key sectors affected include transportation, finance, and local government services. Notable sites include zionutdatit.org.il and various Romanian platforms such as bcr.ro and electroputere.ro. The attacks highlight a focus on critical infrastructure and public services in these countries.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): zionutdatit.org.il, www.bega.ro, rafo.ro, www.umelfahem.org, gfr.ro, www.electroputere.ro, www.cfir.co.il, www.bg-paint.co.il, www.csalb.ro, siveco.ro, www.bcr.ro, www.eximbank.ro, noamparty.org.il, www.ifbfinwest.ro, bilete.cfrcalatori.ro, www.bcrlocuinte.ro, www.groupama.ro, e-prail.ro, shas.org.il, victorstanila.ro, www.cfrcalatori.ro, magam-safety.com, www.eutralog.com, www.ariel.muni.il, www.alro.ro, www.brci.ro, www.rosh-haayin.muni.il, www.ibr-rbi.ro, ro.dbcargo.com, www.rail.co.il, www.transilvaniabroker.ro
Dismissed Targets(1): www.gahat.com

Detected attack on 2026-03-20_11-10-15

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 11:10:15 +0000

Noname057(16) has targeted various websites primarily located in Romania and Israel. The attacks include financial institutions, transportation services, and other sectors. Key countries under attack are Romania, with multiple sites such as brci.ro, eximbank.ro, and alro.ro, and Israel, featuring sites like cfir.co.il, ariel.muni.il, and shas.org.il.^{AI generated}
32 targets are under attack, 11 new targets and 21 targets from previous attack
New Targets(11): www.umelfahem.org, zionutdatit.org.il, www.cfir.co.il, magam-safety.com, www.gahat.com, shas.org.il, www.bg-paint.co.il, www.ariel.muni.il, noamparty.org.il, www.rosh-haayin.muni.il, www.rail.co.il
Targets from prev attack(21): www.brci.ro, www.eximbank.ro, www.csalb.ro, siveco.ro, gfr.ro, e-prail.ro, www.ifbfinwest.ro, www.alro.ro, rafo.ro, www.electroputere.ro, www.cfrcalatori.ro, www.bega.ro, bilete.cfrcalatori.ro, www.eutralog.com, www.ibr-rbi.ro, ro.dbcargo.com, www.transilvaniabroker.ro, www.groupama.ro, www.bcrlocuinte.ro, www.bcr.ro, victorstanila.ro
Dismissed Targets(0):

Detected attack on 2026-03-20_07-10-09

codabar@42de.it (Alfredo Terrone) — Fri, 20 Mar 2026 07:10:09 +0000

The attacks by noname057 primarily targeted websites in Romania. Notable sectors affected include finance, transportation, and insurance, with sites like bcr.ro, cfrcalatori.ro, and groupama.ro among those compromised. The campaign highlights vulnerabilities in Romanian digital infrastructure.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.eutralog.com, victorstanila.ro, siveco.ro, www.csalb.ro, www.bcrlocuinte.ro, www.groupama.ro, www.electroputere.ro, www.cfrcalatori.ro, www.bega.ro, www.eximbank.ro, www.ibr-rbi.ro, rafo.ro, gfr.ro, www.bcr.ro, www.ifbfinwest.ro, www.brci.ro, bilete.cfrcalatori.ro, www.transilvaniabroker.ro, e-prail.ro, www.alro.ro, ro.dbcargo.com
Targets from prev attack(0):
Dismissed Targets(20): investingromania.com, www.jpost.com, www.minet.ro, ir-romania.ro, e-guvernare.ro, www.senat.ro, www.stingtv.co.il, www.astratranscarpatic.ro, www.isf.ro, www.018.co.il, www.rilvan.eu, www.hotmobile.co.il, www.anaf.ro, www.engie.ro, paginiaurii.ro, www.gecad.com, rocaindustry.ro, coduripostale.com, cfrmarfa.com, elbitsystems.com

Detected attack on 2026-03-19_12-10-11

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 12:10:11 +0000

Noname057(16) has targeted websites primarily in Romania and Israel. Key sites under attack include Romanian government and financial institutions such as anaf.ro and senat.ro, as well as various media outlets like stingtv.co.il and jpost.com. Additionally, Israeli companies such as elbitsystems.com and hotmobile.co.il have also been affected.^{AI generated}
20 targets are under attack, 2 new targets and 18 targets from previous attack
New Targets(2): www.jpost.com, www.018.co.il
Targets from prev attack(18): www.senat.ro, cfrmarfa.com, coduripostale.com, paginiaurii.ro, rocaindustry.ro, www.stingtv.co.il, ir-romania.ro, www.engie.ro, www.gecad.com, www.hotmobile.co.il, www.anaf.ro, www.minet.ro, elbitsystems.com, www.astratranscarpatic.ro, e-guvernare.ro, www.isf.ro, www.rilvan.eu, investingromania.com
Dismissed Targets(0):

Detected attack on 2026-03-19_12-00-36

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 12:00:36 +0000

Noname057(16) has targeted various websites primarily in Romania and Israel. Key Romanian sites under attack include government and commercial platforms such as senat.ro, engie.ro, and anaf.ro. Israeli targets include stingtv.co.il and hotmobile.co.il. The attacks highlight a focus on both public institutions and private companies in these countries.^{AI generated}
18 targets are under attack, 3 new targets and 15 targets from previous attack
New Targets(3): elbitsystems.com, www.hotmobile.co.il, www.stingtv.co.il
Targets from prev attack(15): www.senat.ro, cfrmarfa.com, coduripostale.com, paginiaurii.ro, rocaindustry.ro, ir-romania.ro, www.engie.ro, www.gecad.com, www.anaf.ro, www.minet.ro, www.astratranscarpatic.ro, e-guvernare.ro, www.isf.ro, www.rilvan.eu, investingromania.com
Dismissed Targets(0):

Detected attack on 2026-03-19_07-45-17

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:45:17 +0000

Noname057(16) has targeted several websites primarily based in Romania. The attacked sites include government portals, financial institutions, and various businesses, indicating a focus on disrupting services and accessing sensitive information within the country. Key sectors affected include e-government, finance, and transportation.^{AI generated}
15 targets are under attack, 1 new targets and 14 targets from previous attack
New Targets(1): www.senat.ro
Targets from prev attack(14): www.minet.ro, paginiaurii.ro, www.rilvan.eu, www.gecad.com, www.isf.ro, e-guvernare.ro, www.anaf.ro, coduripostale.com, ir-romania.ro, investingromania.com, www.engie.ro, www.astratranscarpatic.ro, rocaindustry.ro, cfrmarfa.com
Dismissed Targets(0):

Detected attack on 2026-03-19_07-40-11

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:40:11 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include government portals, financial services, and industry-related platforms. Key sectors affected are finance, transportation, and e-governance, reflecting a focus on critical infrastructure within the country.^{AI generated}
14 targets are under attack, 2 new targets and 12 targets from previous attack
New Targets(2): www.astratranscarpatic.ro, cfrmarfa.com
Targets from prev attack(12): investingromania.com, www.anaf.ro, ir-romania.ro, rocaindustry.ro, e-guvernare.ro, www.gecad.com, www.isf.ro, paginiaurii.ro, coduripostale.com, www.rilvan.eu, www.minet.ro, www.engie.ro
Dismissed Targets(0):

Detected attack on 2026-03-19_07-35-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:35:08 +0000

Noname057(16) has targeted various websites primarily in Romania. The main sectors affected include finance, government, and industry, with notable sites such as investingromania.com, anaf.ro, and e-guvernare.ro. Other attacked sites include rocaindustry.ro, gecad.com, and engie.ro, indicating a focus on both public and private sectors within the country.^{AI generated}
12 targets are under attack, 1 new targets and 11 targets from previous attack
New Targets(1): ir-romania.ro
Targets from prev attack(11): investingromania.com, www.anaf.ro, rocaindustry.ro, e-guvernare.ro, www.gecad.com, www.isf.ro, paginiaurii.ro, coduripostale.com, www.rilvan.eu, www.minet.ro, www.engie.ro
Dismissed Targets(0):

Detected attack on 2026-03-19_07-25-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:25:08 +0000

Noname057(16) has targeted several websites primarily in Romania. The attacked sites include government, industry, and financial platforms, indicating a focus on critical infrastructure and public services. Key targets are geocad.com, rocaindustry.ro, e-guvernare.ro, minet.ro, investingromania.com, engie.ro, paginiaurii.ro, rilvan.eu, anaf.ro, isf.ro, and coduripostale.com.^{AI generated}
11 targets are under attack, 1 new targets and 10 targets from previous attack
New Targets(1): www.isf.ro
Targets from prev attack(10): www.gecad.com, rocaindustry.ro, e-guvernare.ro, www.minet.ro, investingromania.com, www.engie.ro, paginiaurii.ro, www.anaf.ro, www.rilvan.eu, coduripostale.com
Dismissed Targets(0):

Detected attack on 2026-03-19_07-20-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:20:08 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include financial, governmental, and industrial platforms, indicating a focus on critical infrastructure and public services. Key sectors under attack involve finance, energy, and e-governance, highlighting the group's interest in disrupting essential services in Romania.^{AI generated}
10 targets are under attack, 2 new targets and 8 targets from previous attack
New Targets(2): investingromania.com, www.gecad.com
Targets from prev attack(8): www.engie.ro, www.minet.ro, rocaindustry.ro, www.anaf.ro, e-guvernare.ro, paginiaurii.ro, coduripostale.com, www.rilvan.eu
Dismissed Targets(0):

Detected attack on 2026-03-19_07-15-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:15:08 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include those related to government services, energy, and postal codes, indicating a focus on critical infrastructure and public services in the country.^{AI generated}
8 targets are under attack, 1 new targets and 7 targets from previous attack
New Targets(1): www.minet.ro
Targets from prev attack(7): www.engie.ro, rocaindustry.ro, www.anaf.ro, e-guvernare.ro, paginiaurii.ro, coduripostale.com, www.rilvan.eu
Dismissed Targets(0):

Detected attack on 2026-03-19_07-10-07

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:10:07 +0000

Noname057(16) has targeted several websites primarily in Romania. The attacked sites include e-guvernare.ro, which is associated with government services, and www.anaf.ro, related to the National Agency for Fiscal Administration. Other notable targets are rocaindustry.ro, linked to the industrial sector, and www.engie.ro, connected to energy services. Additionally, coduripostale.com, a postal code directory, paginiaurii.ro, a yellow pages service, and www.rilvan.eu were also compromised. Overall, Romania is the principal country affected by these attacks.^{AI generated}
7 targets are under attack, 1 new targets and 6 targets from previous attack
New Targets(1): rocaindustry.ro
Targets from prev attack(6): e-guvernare.ro, www.anaf.ro, www.engie.ro, coduripostale.com, paginiaurii.ro, www.rilvan.eu
Dismissed Targets(0):

Detected attack on 2026-03-19_07-05-07

codabar@42de.it (Alfredo Terrone) — Thu, 19 Mar 2026 07:05:07 +0000

Noname057(16) has targeted several websites primarily in Romania. The attacked sites include e-guvernare.ro, which is related to government services, and www.anaf.ro, associated with the National Agency for Fiscal Administration. Additionally, www.engie.ro, linked to the energy sector, and coduripostale.com, a postal code directory, were also compromised. Other sites affected include paginiaurii.ro, a business directory, and www.rilvan.eu. Overall, the attacks predominantly focus on Romanian online services and infrastructure.^{AI generated}
6 targets are under attack, 6 new targets and 0 targets from previous attack
New Targets(6): e-guvernare.ro, www.anaf.ro, www.engie.ro, coduripostale.com, paginiaurii.ro, www.rilvan.eu
Targets from prev attack(0):
Dismissed Targets(32): magam-safety.com, legislatie.just.ro, www.just.ro, www.onrc.ro, app.inm-lex.ro, myportal.onrc.ro, inm-lex.ro, www.bpi.ro, www.insurance.org.il, www.rarom.ro, www.imm.gov.ro, www.mapn.ro, www.gahat.com, www.afer.ro, sso.onrc.ro, www.nikol.co.il, monitoruloficial.ro, www.shomera.co.il, portal.just.ro, www.unbr.ro, timrailcargo.ro, www.igudbit.org.il, www.scj.ro, www.unpir.ro, www.onpcsb.ro, revasimeria.ro, www.harel-group.com, tclog.co.il, www.eliahu.co.il, www.uniuneanotarilor.ro, www.nk-ins.co.il, www.hcsra.co.il

Detected attack on 2026-03-18_18-35-17

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 18:35:17 +0000

The attacks attributed to noname057 primarily targeted websites in Israel and Romania. Key sectors affected include insurance, legal services, government portals, and safety organizations. Notable sites include various domains related to government services in Romania and multiple insurance and legal entities in Israel.^{AI generated}
32 targets are under attack, 3 new targets and 29 targets from previous attack
New Targets(3): www.mapn.ro, www.nk-ins.co.il, www.eliahu.co.il
Targets from prev attack(29): www.nikol.co.il, www.shomera.co.il, myportal.onrc.ro, www.rarom.ro, www.harel-group.com, portal.just.ro, app.inm-lex.ro, www.bpi.ro, www.insurance.org.il, sso.onrc.ro, magam-safety.com, tclog.co.il, www.imm.gov.ro, www.unpir.ro, www.gahat.com, www.uniuneanotarilor.ro, www.onpcsb.ro, www.afer.ro, inm-lex.ro, revasimeria.ro, timrailcargo.ro, www.just.ro, www.onrc.ro, www.hcsra.co.il, legislatie.just.ro, www.scj.ro, www.igudbit.org.il, monitoruloficial.ro, www.unbr.ro
Dismissed Targets(0):

Detected attack on 2026-03-18_18-30-10

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 18:30:10 +0000

The attacks attributed to noname057(16) primarily target websites in Israel and Romania. Key sectors affected include legal, governmental, and insurance services, with notable sites such as tclog.co.il, monitoruloficial.ro, and harel-group.com being among the compromised. The attacks highlight a significant cyber threat landscape in these countries, particularly focusing on institutions and organizations that manage public services and legal frameworks.^{AI generated}
29 targets are under attack, 1 new targets and 28 targets from previous attack
New Targets(1): www.shomera.co.il
Targets from prev attack(28): tclog.co.il, www.uniuneanotarilor.ro, monitoruloficial.ro, www.nikol.co.il, www.just.ro, inm-lex.ro, www.harel-group.com, www.igudbit.org.il, www.unbr.ro, sso.onrc.ro, www.bpi.ro, legislatie.just.ro, www.onpcsb.ro, www.gahat.com, www.insurance.org.il, portal.just.ro, www.imm.gov.ro, www.hcsra.co.il, www.rarom.ro, www.onrc.ro, timrailcargo.ro, www.scj.ro, revasimeria.ro, app.inm-lex.ro, magam-safety.com, www.unpir.ro, www.afer.ro, myportal.onrc.ro
Dismissed Targets(2): www.eliahu.co.il, www.mapn.ro

Detected attack on 2026-03-18_18-25-13

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 18:25:13 +0000

The attacks attributed to noname057 primarily targeted websites in Israel and Romania. Notable sectors affected include legal, governmental, and insurance services. The majority of the compromised sites include those related to justice, national security, and professional organizations, indicating a focus on critical infrastructure and public services in these countries.^{AI generated}
30 targets are under attack, 5 new targets and 25 targets from previous attack
New Targets(5): www.igudbit.org.il, www.nikol.co.il, www.bpi.ro, www.onrc.ro, www.scj.ro
Targets from prev attack(25): tclog.co.il, www.uniuneanotarilor.ro, monitoruloficial.ro, www.just.ro, inm-lex.ro, www.harel-group.com, www.unbr.ro, sso.onrc.ro, www.mapn.ro, www.onpcsb.ro, legislatie.just.ro, www.gahat.com, www.insurance.org.il, portal.just.ro, www.imm.gov.ro, www.hcsra.co.il, www.rarom.ro, www.eliahu.co.il, timrailcargo.ro, revasimeria.ro, app.inm-lex.ro, magam-safety.com, www.unpir.ro, www.afer.ro, myportal.onrc.ro
Dismissed Targets(2): www.nk-ins.co.il, www.shomera.co.il

Detected attack on 2026-03-18_18-20-15

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 18:20:15 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key sectors affected include legal services, government institutions, and various private companies. Notable sites attacked include those related to legal and legislative functions in Romania, as well as multiple Israeli companies across different sectors.^{AI generated}
27 targets are under attack, 7 new targets and 20 targets from previous attack
New Targets(7): myportal.onrc.ro, app.inm-lex.ro, www.gahat.com, inm-lex.ro, www.insurance.org.il, www.rarom.ro, www.onpcsb.ro
Targets from prev attack(20): www.eliahu.co.il, www.afer.ro, www.shomera.co.il, www.nk-ins.co.il, portal.just.ro, www.mapn.ro, www.hcsra.co.il, www.harel-group.com, monitoruloficial.ro, legislatie.just.ro, www.imm.gov.ro, tclog.co.il, magam-safety.com, www.unbr.ro, revasimeria.ro, www.uniuneanotarilor.ro, sso.onrc.ro, www.unpir.ro, timrailcargo.ro, www.just.ro
Dismissed Targets(2): www.onrc.ro, www.igudbit.org.il

Detected attack on 2026-03-18_18-16-04

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 18:16:04 +0000

The attacks attributed to noname057 primarily target websites in Israel and Romania. Key Israeli sites include various government and private organizations such as eliahu.co.il, shomera.co.il, and harel-group.com. In Romania, the attacks focus on government and legal entities, including portal.just.ro, mapn.ro, and monitoruloficial.ro. Overall, the campaign highlights a significant interest in both Israeli and Romanian infrastructure.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): www.eliahu.co.il, www.afer.ro, www.shomera.co.il, www.nk-ins.co.il, portal.just.ro, www.mapn.ro, www.hcsra.co.il, www.harel-group.com, monitoruloficial.ro, legislatie.just.ro, www.imm.gov.ro, tclog.co.il, www.onrc.ro, magam-safety.com, www.unbr.ro, revasimeria.ro, www.uniuneanotarilor.ro, sso.onrc.ro, www.unpir.ro, www.igudbit.org.il, timrailcargo.ro, www.just.ro
Dismissed Targets(10): myportal.onrc.ro, app.inm-lex.ro, www.gahat.com, inm-lex.ro, www.nikol.co.il, www.bpi.ro, www.scj.ro, www.insurance.org.il, www.rarom.ro, www.onpcsb.ro

Detected attack on 2026-03-18_11-05-11

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 11:05:11 +0000

The attacks attributed to noname057 primarily targeted websites in Israel and Romania. Key sectors affected include legal, governmental, and business services, with notable attacks on sites such as www.nk-ins.co.il and www.igudbit.org.il in Israel, as well as www.onpcsb.ro and www.just.ro in Romania. The campaign highlights a focus on disrupting services related to law, insurance, and public administration in these countries.^{AI generated}
32 targets are under attack, 10 new targets and 22 targets from previous attack
New Targets(10): www.nk-ins.co.il, www.shomera.co.il, www.igudbit.org.il, www.eliahu.co.il, www.insurance.org.il, tclog.co.il, magam-safety.com, www.harel-group.com, www.hcsra.co.il, www.gahat.com
Targets from prev attack(22): www.onpcsb.ro, www.scj.ro, monitoruloficial.ro, www.uniuneanotarilor.ro, www.unbr.ro, app.inm-lex.ro, myportal.onrc.ro, www.unpir.ro, www.bpi.ro, www.nikol.co.il, www.just.ro, www.rarom.ro, revasimeria.ro, www.afer.ro, www.onrc.ro, www.mapn.ro, inm-lex.ro, portal.just.ro, sso.onrc.ro, legislatie.just.ro, www.imm.gov.ro, timrailcargo.ro
Dismissed Targets(0):

Detected attack on 2026-03-18_07-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 18 Mar 2026 07:05:09 +0000

The attacks by noname057 primarily targeted Romania, with several Romanian websites being compromised, including those related to rail cargo, legal information, and government services. Additionally, there was an attack on an Israeli site. The focus appears to be on disrupting services and accessing sensitive information within these countries.^{AI generated}
22 targets are under attack, 22 new targets and 0 targets from previous attack
New Targets(22): timrailcargo.ro, revasimeria.ro, inm-lex.ro, www.scj.ro, www.uniuneanotarilor.ro, legislatie.just.ro, www.bpi.ro, sso.onrc.ro, www.nikol.co.il, www.unbr.ro, app.inm-lex.ro, www.onpcsb.ro, myportal.onrc.ro, www.imm.gov.ro, www.onrc.ro, portal.just.ro, monitoruloficial.ro, www.afer.ro, www.just.ro, www.mapn.ro, www.rarom.ro, www.unpir.ro
Targets from prev attack(0):
Dismissed Targets(17): www.eximtur.ro, rig-service.com, hotnews.ro, www.arb.ro, www.snam.ro, christiantour.ro, www.mfinante.gov.ro, anaf.ro, www.chimcomplex.ro, www.elcomex.ro, www.rominvent.ro, www.iccj.ro, www.electroprecizia.ro, www.romatsa.ro, arbitration.ccir.ro, www.ibr-rbi.ro, oil-terminal.com

Detected attack on 2026-03-17_07-55-11

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:55:11 +0000

The attacks attributed to noname057 primarily target Romania, with notable sites including government and financial institutions such as anaf.ro and mfinante.gov.ro. Other sectors affected include news media like hotnews.ro and various companies in industries such as tourism, energy, and manufacturing, including christiantour.ro and electroprecizia.ro.^{AI generated}
17 targets are under attack, 1 new targets and 16 targets from previous attack
New Targets(1): www.eximtur.ro
Targets from prev attack(16): www.rominvent.ro, anaf.ro, hotnews.ro, arbitration.ccir.ro, www.mfinante.gov.ro, www.electroprecizia.ro, www.iccj.ro, www.romatsa.ro, christiantour.ro, www.elcomex.ro, www.chimcomplex.ro, www.snam.ro, oil-terminal.com, rig-service.com, www.arb.ro, www.ibr-rbi.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-50-09

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:50:09 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include government portals, news platforms, and private companies, indicating a focus on critical infrastructure and public services. Key sectors affected are finance, transportation, and media, highlighting the group's intent to disrupt operations in Romania.^{AI generated}
16 targets are under attack, 1 new targets and 15 targets from previous attack
New Targets(1): www.electroprecizia.ro
Targets from prev attack(15): www.rominvent.ro, anaf.ro, hotnews.ro, arbitration.ccir.ro, www.mfinante.gov.ro, www.iccj.ro, www.romatsa.ro, christiantour.ro, www.arb.ro, oil-terminal.com, www.snam.ro, rig-service.com, www.elcomex.ro, www.chimcomplex.ro, www.ibr-rbi.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-45-13

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:45:13 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include government, financial, and news platforms, indicating a focus on critical infrastructure and information dissemination. Key sectors affected include finance, transportation, and media, highlighting a significant threat to the country's digital landscape.^{AI generated}
15 targets are under attack, 1 new targets and 14 targets from previous attack
New Targets(1): www.elcomex.ro
Targets from prev attack(14): rig-service.com, www.ibr-rbi.ro, www.romatsa.ro, christiantour.ro, www.mfinante.gov.ro, www.iccj.ro, arbitration.ccir.ro, hotnews.ro, oil-terminal.com, www.rominvent.ro, www.chimcomplex.ro, www.snam.ro, www.arb.ro, anaf.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-40-09

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:40:09 +0000

Noname057(16) has targeted several websites primarily located in Romania. The attacked sites include government, financial, and service-oriented platforms, such as mfinante.gov.ro and anaf.ro, indicating a focus on critical infrastructure and public services. Other notable targets include various organizations in the arbitration and energy sectors, highlighting a broad range of interests in the Romanian digital landscape.^{AI generated}
14 targets are under attack, 1 new targets and 13 targets from previous attack
New Targets(1): arbitration.ccir.ro
Targets from prev attack(13): www.ibr-rbi.ro, www.arb.ro, www.snam.ro, www.romatsa.ro, anaf.ro, www.iccj.ro, rig-service.com, christiantour.ro, www.mfinante.gov.ro, oil-terminal.com, hotnews.ro, www.rominvent.ro, www.chimcomplex.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-35-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:35:08 +0000

The attacks by noname057 primarily targeted websites in Romania, including government, financial, and service sectors. Key sites affected include the Ministry of Finance, the Romanian Supreme Court, and various financial and tourism-related platforms. The attacks highlight a concentrated effort against Romanian digital infrastructure.^{AI generated}
13 targets are under attack, 2 new targets and 11 targets from previous attack
New Targets(2): christiantour.ro, www.arb.ro
Targets from prev attack(11): www.ibr-rbi.ro, anaf.ro, www.snam.ro, www.romatsa.ro, www.iccj.ro, rig-service.com, www.mfinante.gov.ro, oil-terminal.com, hotnews.ro, www.rominvent.ro, www.chimcomplex.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-30-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:30:08 +0000

Noname057(16) has targeted various Romanian websites, indicating a focus on Romania as a principal country under attack. The compromised sites include government, news, and business platforms, highlighting a diverse range of sectors affected by these attacks. Notable targets include the Romanian National Agency for Fiscal Administration (anaf.ro) and the High Court of Cassation and Justice (iccj.ro), demonstrating a particular interest in critical infrastructure and public services.^{AI generated}
11 targets are under attack, 2 new targets and 9 targets from previous attack
New Targets(2): www.ibr-rbi.ro, www.chimcomplex.ro
Targets from prev attack(9): www.snam.ro, hotnews.ro, www.iccj.ro, anaf.ro, www.mfinante.gov.ro, www.romatsa.ro, rig-service.com, www.rominvent.ro, oil-terminal.com
Dismissed Targets(0):

Detected attack on 2026-03-17_07-25-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:25:08 +0000

Noname057(16) has targeted various websites primarily in Romania. The attacked sites include government institutions, news platforms, and private companies, indicating a focus on critical infrastructure and information dissemination in the country.^{AI generated}
9 targets are under attack, 1 new targets and 8 targets from previous attack
New Targets(1): oil-terminal.com
Targets from prev attack(8): www.snam.ro, hotnews.ro, www.iccj.ro, anaf.ro, www.rominvent.ro, rig-service.com, www.mfinante.gov.ro, www.romatsa.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-20-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:20:08 +0000

Noname057(16) has targeted various websites primarily in Romania, including government and financial institutions. The main sites attacked include the Romanian Ministry of Finance (mfinante.gov.ro), the National Agency for Fiscal Administration (anaf.ro), and several news and service platforms like hotnews.ro and rig-service.com. The attacks indicate a focus on critical infrastructure and information dissemination within the country.^{AI generated}
8 targets are under attack, 1 new targets and 7 targets from previous attack
New Targets(1): www.snam.ro
Targets from prev attack(7): www.iccj.ro, www.rominvent.ro, www.romatsa.ro, www.mfinante.gov.ro, hotnews.ro, rig-service.com, anaf.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-15-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:15:08 +0000

Noname057(16) has targeted several websites, primarily from Romania. The attacked sites include government and financial institutions such as mfinante.gov.ro and anaf.ro, as well as news platforms like hotnews.ro. Other affected entities are rig-service.com and various Romanian organizations, indicating a focused campaign against Romanian digital infrastructure.^{AI generated}
7 targets are under attack, 2 new targets and 5 targets from previous attack
New Targets(2): rig-service.com, www.rominvent.ro
Targets from prev attack(5): www.iccj.ro, www.romatsa.ro, www.mfinante.gov.ro, hotnews.ro, anaf.ro
Dismissed Targets(0):

Detected attack on 2026-03-17_07-10-07

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 07:10:07 +0000

Noname057(16) has targeted several Romanian websites, including anaf.ro, mfinante.gov.ro, romatsa.ro, iccj.ro, and hotnews.ro. The primary country under attack is Romania, highlighting a focus on governmental and news platforms within the nation.^{AI generated}
5 targets are under attack, 5 new targets and 0 targets from previous attack
New Targets(5): anaf.ro, www.mfinante.gov.ro, www.romatsa.ro, www.iccj.ro, hotnews.ro
Targets from prev attack(0):
Dismissed Targets(31): sts.ro, www.ozma-yeudit.co.il, dnsc.ro, www.modiin.muni.il, www.shomron.org.il, www.csalb.ro, www.lod.muni.il, www.just.ro, abugosh.muni.il, www.roviniete.ro, online.astratranscarpatic.ro, www.arraba.muni.il, www.mvhr.org.il, noamparty.org.il, www.ccr.ro, cfr.ro, www.scj.ro, www.bvb.ro, mersultrenurilor.infofer.ro, www.afer.ro, zionutdatit.org.il, www.fgdb.ro, shas.org.il, www.astratranscarpatic.ro, api.molromania.ro, www.metrorex.ro, www.eilat.muni.il, bostanmerj.nqa.nadsoft.co, timrailcargo.ro, www.baneasa-airport.ro, www.mapn.ro

Detected attack on 2026-03-17_06-10-12

codabar@42de.it (Alfredo Terrone) — Tue, 17 Mar 2026 06:10:12 +0000

The attacks attributed to noname057 primarily target websites in Romania and Israel. Key Romanian sites include transportation and government-related domains such as cfr.ro, metrorex.ro, and baneasa-airport.ro. In Israel, various municipal and organizational websites, such as shomron.org.il and shas.org.il, are under attack. This indicates a focus on critical infrastructure and public services in both countries.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): www.astratranscarpatic.ro, sts.ro, cfr.ro, www.shomron.org.il, www.ozma-yeudit.co.il, www.ccr.ro, abugosh.muni.il, www.metrorex.ro, bostanmerj.nqa.nadsoft.co, www.scj.ro, www.mapn.ro, noamparty.org.il, www.roviniete.ro, www.just.ro, www.eilat.muni.il, www.baneasa-airport.ro, www.csalb.ro, timrailcargo.ro, www.modiin.muni.il, zionutdatit.org.il, mersultrenurilor.infofer.ro, www.arraba.muni.il, www.fgdb.ro, www.afer.ro, shas.org.il, www.lod.muni.il, api.molromania.ro, dnsc.ro, www.mvhr.org.il, online.astratranscarpatic.ro, www.bvb.ro
Dismissed Targets(1): www.cdep.ro

Detected attack on 2026-03-16_11-05-18

codabar@42de.it (Alfredo Terrone) — Mon, 16 Mar 2026 11:05:18 +0000

The attacks by noname057(16) primarily targeted websites in Romania and Israel. Key sectors affected include transportation, government services, and financial institutions. Romanian sites include timrailcargo.ro, baneasa-airport.ro, and metrorex.ro, while Israeli targets feature mvhr.org.il, shomron.org.il, and shas.org.il.^{AI generated}
32 targets are under attack, 12 new targets and 20 targets from previous attack
New Targets(12): bostanmerj.nqa.nadsoft.co, www.eilat.muni.il, www.arraba.muni.il, noamparty.org.il, shas.org.il, www.modiin.muni.il, www.lod.muni.il, www.shomron.org.il, www.mvhr.org.il, www.ozma-yeudit.co.il, abugosh.muni.il, zionutdatit.org.il
Targets from prev attack(20): timrailcargo.ro, www.just.ro, www.baneasa-airport.ro, www.roviniete.ro, api.molromania.ro, www.astratranscarpatic.ro, www.ccr.ro, www.metrorex.ro, online.astratranscarpatic.ro, www.cdep.ro, www.bvb.ro, www.afer.ro, www.mapn.ro, sts.ro, dnsc.ro, mersultrenurilor.infofer.ro, www.scj.ro, www.csalb.ro, cfr.ro, www.fgdb.ro
Dismissed Targets(0):

Detected attack on 2026-03-16_07-05-10

codabar@42de.it (Alfredo Terrone) — Mon, 16 Mar 2026 07:05:10 +0000

Noname057(16) has targeted several websites primarily in Romania. Key sectors affected include transportation, government, and finance, with notable sites such as metrorex.ro, mapn.ro, and cdep.ro among the targets. The attacks highlight a significant focus on Romanian infrastructure and public services.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.metrorex.ro, dnsc.ro, www.mapn.ro, www.scj.ro, www.just.ro, www.roviniete.ro, www.baneasa-airport.ro, www.cdep.ro, www.afer.ro, cfr.ro, www.bvb.ro, www.csalb.ro, online.astratranscarpatic.ro, www.astratranscarpatic.ro, sts.ro, timrailcargo.ro, www.fgdb.ro, www.ccr.ro, api.molromania.ro, mersultrenurilor.infofer.ro
Targets from prev attack(0):
Dismissed Targets(15): www.ylatis.eu, www.politis-news.com, eoalemesos.org.cy, www.limassol.org.cy, alithia.com.cy, www.cystat.gov.cy, webmail.nicosiamunicipality.org.cy, www.jcc.com.cy, cyprusbutterfly.com.cy, www.insurance.com.cy, www.gov.cy, pafos.org.cy, www.limassolmunicipal.com.cy, www.cpa.gov.cy, www.morphou.org.cy

Detected attack on 2026-03-15_07-05-07

codabar@42de.it (Alfredo Terrone) — Sun, 15 Mar 2026 07:05:07 +0000

Noname057(16) has targeted various websites primarily in Cyprus. The attacked sites include governmental, municipal, and media platforms, indicating a focus on critical infrastructure and information dissemination. The main countries affected by these attacks are Cyprus, with a concentration on local government and public service websites.^{AI generated}
15 targets are under attack, 15 new targets and 0 targets from previous attack
New Targets(15): pafos.org.cy, www.cpa.gov.cy, www.limassolmunicipal.com.cy, cyprusbutterfly.com.cy, www.gov.cy, eoalemesos.org.cy, alithia.com.cy, www.politis-news.com, www.cystat.gov.cy, webmail.nicosiamunicipality.org.cy, www.insurance.com.cy, www.morphou.org.cy, www.jcc.com.cy, www.ylatis.eu, www.limassol.org.cy
Targets from prev attack(0):
Dismissed Targets(18): centurycyprus.com, www.mcw.gov.cy, www.nikol.co.il, www.mjpo.gov.cy, www.cna.org.cy, dom.com.cy, www.cyprusbybus.com, www.deigma.audit.gov.cy, ftphb.hellenicbank.com, www.eac.com.cy, www.police.gov.cy, cge.cyprus.gov.cy, www.supremecourt.gov.cy, limassolairportexpress.eu, livebuses.com, ccci.org.cy, www.centralbank.com, www.eliahu.co.il

Detected attack on 2026-03-14_07-05-21

codabar@42de.it (Alfredo Terrone) — Sat, 14 Mar 2026 07:05:21 +0000

Noname057(16) has targeted several websites primarily in Cyprus, including government sites like www.mjpo.gov.cy and www.police.gov.cy, as well as financial institutions like ftphb.hellenicbank.com and www.centralbank.com. Other affected sites include transportation services such as www.cyprusbybus.com and limassolairportexpress.eu, along with various local organizations and businesses. Additionally, there are targets from Israel, indicated by the presence of sites like www.nikol.co.il and www.eliahu.co.il.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): www.mjpo.gov.cy, www.mcw.gov.cy, dom.com.cy, ftphb.hellenicbank.com, www.cyprusbybus.com, www.cna.org.cy, limassolairportexpress.eu, livebuses.com, ccci.org.cy, centurycyprus.com, www.deigma.audit.gov.cy, www.police.gov.cy, cge.cyprus.gov.cy, www.eac.com.cy, www.supremecourt.gov.cy, www.centralbank.com, www.nikol.co.il, www.eliahu.co.il
Targets from prev attack(0):
Dismissed Targets(15): www.nicosia.org.cy, www.insurance.org.il, www.shomera.co.il, www.igudbit.org.il, magam-safety.com, www.lakatamia.org.cy, dms.nicosiamunicipality.org.cy, www.nicosiamunicipality.org.cy, www.gahat.com, www.hcsra.co.il, www.harel-group.com, www.agianapa.org.cy, efiling.drcor.mcit.gov.cy, www.nk-ins.co.il, tclog.co.il

Detected attack on 2026-03-13_21-05-10

codabar@42de.it (Alfredo Terrone) — Fri, 13 Mar 2026 21:05:10 +0000

Noname057(16) has targeted various websites primarily located in Cyprus and Israel. The attacks have affected municipal sites in Cyprus, such as those belonging to Nicosia and Lakatamia, as well as several insurance and business-related sites in Israel, including Harel Group and HCSRA.^{AI generated}
15 targets are under attack, 0 new targets and 15 targets from previous attack
New Targets(0):
Targets from prev attack(15): dms.nicosiamunicipality.org.cy, www.hcsra.co.il, www.lakatamia.org.cy, www.insurance.org.il, www.agianapa.org.cy, www.nicosiamunicipality.org.cy, efiling.drcor.mcit.gov.cy, www.shomera.co.il, tclog.co.il, www.igudbit.org.il, www.harel-group.com, www.nicosia.org.cy, magam-safety.com, www.gahat.com, www.nk-ins.co.il
Dismissed Targets(7): www.morphou.org.cy, webmail.nicosiamunicipality.org.cy, pafos.org.cy, www.ylatis.eu, www.limassolmunicipal.com.cy, alithia.com.cy, www.limassol.org.cy

Detected attack on 2026-03-13_21-00-11

codabar@42de.it (Alfredo Terrone) — Fri, 13 Mar 2026 21:00:11 +0000

Recent attacks attributed to noname057(16) primarily target websites in Israel and Cyprus. The affected sites include various municipal, insurance, and community organizations, indicating a focus on local governance and public services. Notable countries under attack are Israel, with multiple sites like tclog.co.il and www.igudbit.org.il, and Cyprus, featuring sites such as webmail.nicosiamunicipality.org.cy and www.limassolmunicipal.com.cy.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): tclog.co.il, webmail.nicosiamunicipality.org.cy, www.igudbit.org.il, www.insurance.org.il, www.harel-group.com, www.morphou.org.cy, www.ylatis.eu, www.shomera.co.il, www.limassol.org.cy, www.agianapa.org.cy, www.hcsra.co.il, www.nicosia.org.cy, pafos.org.cy, www.limassolmunicipal.com.cy, www.nk-ins.co.il, www.gahat.com, dms.nicosiamunicipality.org.cy, alithia.com.cy, efiling.drcor.mcit.gov.cy, www.lakatamia.org.cy, www.nicosiamunicipality.org.cy, magam-safety.com
Dismissed Targets(8): www.jcc.com.cy, www.insurance.com.cy, livebuses.com, www.cystat.gov.cy, eoalemesos.org.cy, cge.cyprus.gov.cy, cyprusbutterfly.com.cy, www.politis-news.com

Detected attack on 2026-03-13_11-10-10

codabar@42de.it (Alfredo Terrone) — Fri, 13 Mar 2026 11:10:10 +0000

The attacks attributed to noname057 primarily targeted websites in Cyprus and Israel. Key sectors affected include local government, insurance, and tourism, with notable domains such as jcc.com.cy, insurance.org.il, and nicosia.org.cy being compromised. The majority of the attacks concentrated on Cypriot entities, indicating a regional focus on critical infrastructure and community services.^{AI generated}
30 targets are under attack, 9 new targets and 21 targets from previous attack
New Targets(9): magam-safety.com, www.igudbit.org.il, www.gahat.com, www.hcsra.co.il, www.insurance.org.il, www.shomera.co.il, www.harel-group.com, www.nk-ins.co.il, tclog.co.il
Targets from prev attack(21): www.jcc.com.cy, www.morphou.org.cy, cyprusbutterfly.com.cy, livebuses.com, eoalemesos.org.cy, www.agianapa.org.cy, www.lakatamia.org.cy, www.politis-news.com, www.nicosia.org.cy, www.limassol.org.cy, www.cystat.gov.cy, www.ylatis.eu, cge.cyprus.gov.cy, efiling.drcor.mcit.gov.cy, webmail.nicosiamunicipality.org.cy, www.nicosiamunicipality.org.cy, www.insurance.com.cy, alithia.com.cy, pafos.org.cy, www.limassolmunicipal.com.cy, dms.nicosiamunicipality.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-13_07-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 13 Mar 2026 07:05:09 +0000

The attacks by noname057 primarily targeted websites in Cyprus. Key sites affected include government portals, municipal websites, and local news platforms, indicating a focus on disrupting public services and information access within the country.^{AI generated}
21 targets are under attack, 16 new targets and 5 targets from previous attack
New Targets(16): www.ylatis.eu, www.agianapa.org.cy, pafos.org.cy, efiling.drcor.mcit.gov.cy, www.nicosia.org.cy, www.politis-news.com, www.lakatamia.org.cy, dms.nicosiamunicipality.org.cy, www.limassol.org.cy, www.limassolmunicipal.com.cy, cyprusbutterfly.com.cy, webmail.nicosiamunicipality.org.cy, www.nicosiamunicipality.org.cy, www.morphou.org.cy, cge.cyprus.gov.cy, alithia.com.cy
Targets from prev attack(5): www.jcc.com.cy, www.cystat.gov.cy, eoalemesos.org.cy, www.insurance.com.cy, livebuses.com
Dismissed Targets(26): csc-cy.org, www.cpa.gov.cy, www.dataprotection.gov.cy, shas.org.il, www.018.co.il, limassolairportexpress.eu, www.umelfahem.org, www.deigma.audit.gov.cy, www.mcw.gov.cy, www.bg-paint.co.il, www.elections.gov.cy, www.rosh-haayin.muni.il, www.supremecourt.gov.cy, www.jpost.com, www.police.gov.cy, www.ariel.muni.il, www.cfir.co.il, www.rail.co.il, www.mjpo.gov.cy, www.cna.org.cy, zionutdatit.org.il, eoap.org.cy, www.gov.cy, noamparty.org.il, www.eac.com.cy, www.cus.com.cy

Detected attack on 2026-03-12_11-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 12 Mar 2026 11:05:08 +0000

The attacks attributed to noname057 primarily target websites in Israel and Cyprus. Significant sectors affected include government agencies, transportation services, media outlets, and various organizations. Key targets include the Supreme Court of Cyprus, the Cyprus Police, and several Israeli municipal websites, indicating a focus on critical infrastructure and public services in these countries.^{AI generated}
31 targets are under attack, 11 new targets and 20 targets from previous attack
New Targets(11): www.jpost.com, www.umelfahem.org, www.rail.co.il, www.018.co.il, www.cfir.co.il, www.bg-paint.co.il, www.rosh-haayin.muni.il, noamparty.org.il, www.ariel.muni.il, zionutdatit.org.il, shas.org.il
Targets from prev attack(20): www.mcw.gov.cy, www.deigma.audit.gov.cy, www.supremecourt.gov.cy, www.cystat.gov.cy, www.dataprotection.gov.cy, csc-cy.org, www.police.gov.cy, eoap.org.cy, www.cus.com.cy, www.insurance.com.cy, eoalemesos.org.cy, www.jcc.com.cy, www.cpa.gov.cy, livebuses.com, www.eac.com.cy, www.gov.cy, www.cna.org.cy, www.elections.gov.cy, limassolairportexpress.eu, www.mjpo.gov.cy
Dismissed Targets(0):

Detected attack on 2026-03-12_07-05-12

codabar@42de.it (Alfredo Terrone) — Thu, 12 Mar 2026 07:05:12 +0000

The attacks by noname057 primarily targeted websites in Cyprus. Key sites affected include government portals such as the official government site (gov.cy), the police website (police.gov.cy), and the Supreme Court (supremecourt.gov.cy). Other impacted sites include transportation services like limassolairportexpress.eu and various organizations related to statistics and data protection.^{AI generated}
20 targets are under attack, 14 new targets and 6 targets from previous attack
New Targets(14): eoap.org.cy, www.jcc.com.cy, csc-cy.org, limassolairportexpress.eu, www.cystat.gov.cy, www.cus.com.cy, www.elections.gov.cy, www.dataprotection.gov.cy, www.gov.cy, livebuses.com, www.eac.com.cy, www.insurance.com.cy, www.deigma.audit.gov.cy, eoalemesos.org.cy
Targets from prev attack(6): www.cpa.gov.cy, www.police.gov.cy, www.mjpo.gov.cy, www.cna.org.cy, www.mcw.gov.cy, www.supremecourt.gov.cy
Dismissed Targets(30): roboneers.net, fridenson.co.il, cyprusbutterfly.com.cy, en.orian.com, www.azot.com.ua, www.cyprusbybus.com, ccci.org.cy, plascow.co.il, octavacapital.ua, cysec.gov.cy, rtd.mcw.gov.cy, yuzhmash.com, web.plascow.co.il, ftphb.hellenicbank.com, www.sigmatv.com, alithia.com.cy, mr.gov.il, cge.cyprus.gov.cy, www.moec.gov.cy, easy.co.il, www.unitedxp.co.il, lansys.com.ua, www.centralbank.com, aviram.co.il, distportal.orian.com, www.dss-ua.com, www.ukrniat.com, shm-il.com, www.politis-news.com, amstor.com

Detected attack on 2026-03-11_11-10-10

codabar@42de.it (Alfredo Terrone) — Wed, 11 Mar 2026 11:10:10 +0000

The attacks attributed to noname057 primarily target sites in Cyprus and Israel, with additional incidents affecting Ukraine. Notable sectors under attack include banking, government services, transportation, and media. The range of targeted organizations indicates a focus on both public and private entities, highlighting the diverse landscape of cyber threats in these regions.^{AI generated}
36 targets are under attack, 10 new targets and 26 targets from previous attack
New Targets(10): distportal.orian.com, plascow.co.il, www.unitedxp.co.il, easy.co.il, shm-il.com, fridenson.co.il, aviram.co.il, web.plascow.co.il, mr.gov.il, en.orian.com
Targets from prev attack(26): ftphb.hellenicbank.com, www.azot.com.ua, www.supremecourt.gov.cy, www.mjpo.gov.cy, www.cyprusbybus.com, www.ukrniat.com, lansys.com.ua, www.politis-news.com, www.cna.org.cy, ccci.org.cy, amstor.com, alithia.com.cy, www.sigmatv.com, roboneers.net, yuzhmash.com, www.moec.gov.cy, www.centralbank.com, www.dss-ua.com, www.mcw.gov.cy, octavacapital.ua, rtd.mcw.gov.cy, www.cpa.gov.cy, cge.cyprus.gov.cy, www.police.gov.cy, cysec.gov.cy, cyprusbutterfly.com.cy
Dismissed Targets(0):

Detected attack on 2026-03-11_10-25-09

codabar@42de.it (Alfredo Terrone) — Wed, 11 Mar 2026 10:25:09 +0000

Noname057(16) has targeted various websites primarily in Cyprus and Ukraine. The main sectors affected include government sites, media outlets, and financial institutions. Key countries under attack are Cyprus, with numerous government and news websites compromised, and Ukraine, which has seen attacks on both private and public organizations.^{AI generated}
26 targets are under attack, 5 new targets and 21 targets from previous attack
New Targets(5): lansys.com.ua, amstor.com, www.azot.com.ua, yuzhmash.com, www.dss-ua.com
Targets from prev attack(21): www.supremecourt.gov.cy, www.mjpo.gov.cy, www.cyprusbybus.com, cge.cyprus.gov.cy, octavacapital.ua, ccci.org.cy, www.cpa.gov.cy, alithia.com.cy, www.sigmatv.com, ftphb.hellenicbank.com, www.cna.org.cy, www.mcw.gov.cy, cysec.gov.cy, www.politis-news.com, www.ukrniat.com, www.moec.gov.cy, rtd.mcw.gov.cy, roboneers.net, www.police.gov.cy, cyprusbutterfly.com.cy, www.centralbank.com
Dismissed Targets(0):

Detected attack on 2026-03-11_10-15-23

codabar@42de.it (Alfredo Terrone) — Wed, 11 Mar 2026 10:15:23 +0000

The attacks attributed to noname057(16) primarily targeted websites in Cyprus, with notable hits on government, financial, and media sites. Key sectors affected include the banking system, law enforcement, and educational institutions. The attacks highlight a significant focus on Cyprus, with various domains compromised, including those of the central bank, police, and media outlets.^{AI generated}
21 targets are under attack, 3 new targets and 18 targets from previous attack
New Targets(3): roboneers.net, www.ukrniat.com, octavacapital.ua
Targets from prev attack(18): www.cpa.gov.cy, rtd.mcw.gov.cy, cyprusbutterfly.com.cy, www.moec.gov.cy, www.supremecourt.gov.cy, www.centralbank.com, www.sigmatv.com, ftphb.hellenicbank.com, www.police.gov.cy, www.cyprusbybus.com, alithia.com.cy, www.politis-news.com, cysec.gov.cy, www.mjpo.gov.cy, www.cna.org.cy, ccci.org.cy, cge.cyprus.gov.cy, www.mcw.gov.cy
Dismissed Targets(0):

Detected attack on 2026-03-11_09-35-09

codabar@42de.it (Alfredo Terrone) — Wed, 11 Mar 2026 09:35:09 +0000

The attacks by noname057 primarily targeted Cyprus-based websites. Key sectors affected include government institutions, media outlets, and financial services. Notable sites include the Ministry of Education, the Supreme Court, and the Central Bank of Cyprus, highlighting a significant focus on critical infrastructure and public services within the country.^{AI generated}
18 targets are under attack, 0 new targets and 18 targets from previous attack
New Targets(0):
Targets from prev attack(18): cyprusbutterfly.com.cy, www.mcw.gov.cy, www.mjpo.gov.cy, cysec.gov.cy, www.moec.gov.cy, www.sigmatv.com, ccci.org.cy, www.supremecourt.gov.cy, www.cpa.gov.cy, www.cna.org.cy, www.police.gov.cy, rtd.mcw.gov.cy, www.cyprusbybus.com, www.politis-news.com, cge.cyprus.gov.cy, www.centralbank.com, ftphb.hellenicbank.com, alithia.com.cy
Dismissed Targets(1): fridenson.co.il

Detected attack on 2026-03-11_07-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 11 Mar 2026 07:05:09 +0000

The attacks by noname057(16) primarily targeted websites in Cyprus, including government sites such as the Ministry of Justice and the Central Bank. Other affected sectors include transportation, media, and banking, with notable sites like Cyprus by Bus and Sigma TV also being compromised. The attacks highlight a significant focus on Cypriot institutions and services.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.cpa.gov.cy, www.mjpo.gov.cy, www.cyprusbybus.com, www.centralbank.com, fridenson.co.il, rtd.mcw.gov.cy, cge.cyprus.gov.cy, cyprusbutterfly.com.cy, www.moec.gov.cy, alithia.com.cy, www.mcw.gov.cy, www.politis-news.com, www.supremecourt.gov.cy, ftphb.hellenicbank.com, www.sigmatv.com, ccci.org.cy, www.police.gov.cy, www.cna.org.cy, cysec.gov.cy
Targets from prev attack(0):
Dismissed Targets(21): eoalemesos.org.cy, www.gov.cy, www.iai.co.il, www.limassoltourism.com, my.bezeq.co.il, www.mekorot.co.il, www.eac.com.cy, www.pafosbuses.com, www.publictransport.com.cy, www.electra-afikim.co.il, www.bezeq.co.il, www.cyprusrfp.com, www.epicos.com, www.eprocurement.gov.cy, dom.com.cy, centurycyprus.com, limassolairportexpress.eu, eoap.org.cy, www.limassol.org.cy, www.kavim-t.com, livebuses.com

Detected attack on 2026-03-10_12-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 12:05:08 +0000

The attacks attributed to noname057 primarily target websites in Israel and Cyprus. Key sectors affected include public transport, utilities, and government services. Notable sites include those of transportation companies, water services, and government portals, indicating a focus on critical infrastructure and public services in these countries.^{AI generated}
21 targets are under attack, 7 new targets and 14 targets from previous attack
New Targets(7): www.electra-afikim.co.il, www.epicos.com, www.kavim-t.com, my.bezeq.co.il, www.iai.co.il, www.mekorot.co.il, www.bezeq.co.il
Targets from prev attack(14): www.pafosbuses.com, www.eac.com.cy, limassolairportexpress.eu, www.limassol.org.cy, dom.com.cy, livebuses.com, eoalemesos.org.cy, www.gov.cy, eoap.org.cy, www.limassoltourism.com, www.eprocurement.gov.cy, www.cyprusrfp.com, www.publictransport.com.cy, centurycyprus.com
Dismissed Targets(0):

Detected attack on 2026-03-10_09-55-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 09:55:08 +0000

The attacks by noname057 have primarily targeted websites in Cyprus. Key sectors affected include government services, transportation, and tourism, highlighting vulnerabilities in critical infrastructure within the country.^{AI generated}
14 targets are under attack, 1 new targets and 13 targets from previous attack
New Targets(1): dom.com.cy
Targets from prev attack(13): www.eac.com.cy, www.cyprusrfp.com, www.limassol.org.cy, limassolairportexpress.eu, centurycyprus.com, www.publictransport.com.cy, www.limassoltourism.com, www.gov.cy, livebuses.com, www.eprocurement.gov.cy, eoalemesos.org.cy, www.pafosbuses.com, eoap.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_09-50-09

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 09:50:09 +0000

The attacks by noname057 primarily targeted websites in Cyprus. Key sectors affected include tourism, public transport, and government services, with sites like www.limassoltourism.com and www.gov.cy being among the notable victims. The attacks highlight vulnerabilities in the digital infrastructure of Cyprus, impacting both local businesses and public services.^{AI generated}
13 targets are under attack, 1 new targets and 12 targets from previous attack
New Targets(1): centurycyprus.com
Targets from prev attack(12): www.limassoltourism.com, www.limassol.org.cy, www.gov.cy, www.cyprusrfp.com, www.pafosbuses.com, www.eprocurement.gov.cy, www.publictransport.com.cy, livebuses.com, eoap.org.cy, limassolairportexpress.eu, www.eac.com.cy, eoalemesos.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_09-45-09

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 09:45:09 +0000

Noname057(16) has targeted several websites primarily in Cyprus, focusing on tourism, public transport, and government services. Key attacked sites include those related to Limassol and Paphos, as well as the official government portal. The attacks highlight vulnerabilities within the Cypriot digital infrastructure.^{AI generated}
12 targets are under attack, 1 new targets and 11 targets from previous attack
New Targets(1): www.cyprusrfp.com
Targets from prev attack(11): www.limassoltourism.com, www.limassol.org.cy, www.gov.cy, www.pafosbuses.com, livebuses.com, www.publictransport.com.cy, www.eprocurement.gov.cy, eoap.org.cy, limassolairportexpress.eu, www.eac.com.cy, eoalemesos.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_09-40-09

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 09:40:09 +0000

Noname057(16) has targeted several websites primarily in Cyprus, focusing on public transport, government services, and tourism. The attacked sites include public transport platforms, government procurement systems, and local tourism information. The main countries under attack are Cyprus, with specific emphasis on Limassol and Paphos regions.^{AI generated}
11 targets are under attack, 1 new targets and 10 targets from previous attack
New Targets(1): www.eprocurement.gov.cy
Targets from prev attack(10): www.publictransport.com.cy, www.gov.cy, www.limassoltourism.com, limassolairportexpress.eu, www.pafosbuses.com, eoap.org.cy, livebuses.com, www.limassol.org.cy, www.eac.com.cy, eoalemesos.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_08-00-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 08:00:08 +0000

Noname057(16) has targeted several websites primarily located in Cyprus. The attacked sites include government portals, public transport services, and tourism-related platforms, highlighting a focus on critical infrastructure and public services within the country.^{AI generated}
10 targets are under attack, 1 new targets and 9 targets from previous attack
New Targets(1): eoap.org.cy
Targets from prev attack(9): www.eac.com.cy, www.limassol.org.cy, eoalemesos.org.cy, limassolairportexpress.eu, www.publictransport.com.cy, livebuses.com, www.pafosbuses.com, www.limassoltourism.com, www.gov.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_07-55-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 07:55:08 +0000

The attacks attributed to noname057 primarily targeted websites in Cyprus. Key sectors affected include transportation, tourism, and government services, with notable sites such as the official government portal (gov.cy), local transportation services, and tourism-related platforms being compromised.^{AI generated}
9 targets are under attack, 1 new targets and 8 targets from previous attack
New Targets(1): www.eac.com.cy
Targets from prev attack(8): www.limassol.org.cy, eoalemesos.org.cy, limassolairportexpress.eu, www.publictransport.com.cy, livebuses.com, www.pafosbuses.com, www.limassoltourism.com, www.gov.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_07-50-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 07:50:08 +0000

Noname057(16) has targeted various websites primarily in Cyprus. The attacked sites include those related to transportation, tourism, and government services, indicating a focus on critical infrastructure and public services in the region.^{AI generated}
8 targets are under attack, 1 new targets and 7 targets from previous attack
New Targets(1): livebuses.com
Targets from prev attack(7): limassolairportexpress.eu, www.limassoltourism.com, www.publictransport.com.cy, eoalemesos.org.cy, www.limassol.org.cy, www.gov.cy, www.pafosbuses.com
Dismissed Targets(0):

Detected attack on 2026-03-10_07-40-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 07:40:08 +0000

Noname057(16) has targeted several websites primarily in Cyprus. The attacked sites include government resources, tourism-related platforms, and public transport services, indicating a focus on critical infrastructure and local services within the country.^{AI generated}
7 targets are under attack, 1 new targets and 6 targets from previous attack
New Targets(1): www.pafosbuses.com
Targets from prev attack(6): eoalemesos.org.cy, www.limassoltourism.com, www.publictransport.com.cy, limassolairportexpress.eu, www.gov.cy, www.limassol.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_07-35-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 07:35:08 +0000

Noname057(16) has targeted several websites primarily located in Cyprus. The attacked sites include eoalemesos.org.cy, www.limassoltourism.com, www.publictransport.com.cy, limassolairportexpress.eu, www.gov.cy, and www.limassol.org.cy. These attacks indicate a focus on local government, tourism, and transportation sectors within the country.^{AI generated}
6 targets are under attack, 1 new targets and 5 targets from previous attack
New Targets(1): eoalemesos.org.cy
Targets from prev attack(5): www.limassoltourism.com, www.publictransport.com.cy, limassolairportexpress.eu, www.gov.cy, www.limassol.org.cy
Dismissed Targets(0):

Detected attack on 2026-03-10_07-10-09

codabar@42de.it (Alfredo Terrone) — Tue, 10 Mar 2026 07:10:09 +0000

Noname057(16) has targeted various websites primarily in Cyprus, including public transport services, airport express services, tourism sites, and government portals. The main focus of the attacks appears to be on the online presence of Limassol and the broader Cypriot infrastructure.^{AI generated}
5 targets are under attack, 5 new targets and 0 targets from previous attack
New Targets(5): www.publictransport.com.cy, limassolairportexpress.eu, www.limassoltourism.com, www.gov.cy, www.limassol.org.cy
Targets from prev attack(0):
Dismissed Targets(30): www.cyprusbybus.com, brand.wise.com, www.cse.com.cy, www.jpost.com, www.centralbank.com, cge.cyprus.gov.cy, ftphb.hellenicbank.com, www.alphabank.com.cy, www.budget.co.il, noamparty.org.il, www.stingtv.co.il, taxportal.mof.gov.cy, www.hotmobile.co.il, www.eprocurement.gov.cy, www.cyta.com.cy, shas.org.il, elbitsystems.com, www.bankofcyprus.com, www.018.co.il, wise.com, www.ariel.muni.il, www.hellenicbank.com, auth.hellenicbank.com, bostanmerj.nqa.nadsoft.co, www.deigma.audit.gov.cy, online.bankofcyprus.com, login.cyta.com.cy, ccci.org.cy, aeb.alphabank.com.cy, www.cyprusrfp.com

Detected attack on 2026-03-09_11-05-10

codabar@42de.it (Alfredo Terrone) — Mon, 09 Mar 2026 11:05:10 +0000

Noname057(16) has targeted various websites primarily in Israel and Cyprus. The attacks include media outlets, banking institutions, government services, and public transport websites. Notable targets are the Jerusalem Post, multiple banks like Bank of Cyprus and Hellenic Bank, and government portals related to finance and procurement. The campaign highlights a focus on critical infrastructure and information services in these regions.^{AI generated}
30 targets are under attack, 9 new targets and 21 targets from previous attack
New Targets(9): www.hotmobile.co.il, www.budget.co.il, www.stingtv.co.il, shas.org.il, noamparty.org.il, www.jpost.com, bostanmerj.nqa.nadsoft.co, www.ariel.muni.il, www.018.co.il
Targets from prev attack(21): brand.wise.com, www.cyta.com.cy, www.cyprusbybus.com, elbitsystems.com, www.centralbank.com, www.cyprusrfp.com, www.deigma.audit.gov.cy, wise.com, login.cyta.com.cy, online.bankofcyprus.com, www.bankofcyprus.com, www.eprocurement.gov.cy, www.cse.com.cy, www.hellenicbank.com, taxportal.mof.gov.cy, www.alphabank.com.cy, ftphb.hellenicbank.com, ccci.org.cy, auth.hellenicbank.com, aeb.alphabank.com.cy, cge.cyprus.gov.cy
Dismissed Targets(0):

Detected attack on 2026-03-09_07-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 09 Mar 2026 07:10:08 +0000

The attacks by noname057(16) primarily targeted websites in Cyprus, including government entities like the audit and procurement offices, as well as major financial institutions such as Bank of Cyprus and Hellenic Bank. Other affected sites include the Central Bank of Cyprus and various local businesses and services, indicating a focused campaign against key sectors in the region.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.deigma.audit.gov.cy, ftphb.hellenicbank.com, auth.hellenicbank.com, www.eprocurement.gov.cy, www.bankofcyprus.com, www.hellenicbank.com, taxportal.mof.gov.cy, wise.com, elbitsystems.com, www.centralbank.com, www.cyta.com.cy, www.cse.com.cy, ccci.org.cy, www.cyprusrfp.com, online.bankofcyprus.com, cge.cyprus.gov.cy, www.alphabank.com.cy, login.cyta.com.cy, aeb.alphabank.com.cy, www.cyprusbybus.com, brand.wise.com
Targets from prev attack(0):
Dismissed Targets(16): www.bvl.de, beteiligungsportal.hessen.de, www.evergabe.nrw.de, www.customs-broker.de, www.salzwedel.de, www.saalekreis.de, www.bescha.bund.de, auftraege.bayern.de, www.service-bw.de, www.deutsche-boerse.com, www.elster.de, vergabemarktplatz.brandenburg.de, www.evergabe-mv.de, www.vergabe24.de, www.evergabe-online.de, www.deutsches-ausschreibungsblatt.de

Detected attack on 2026-03-08_08-10-08

codabar@42de.it (Alfredo Terrone) — Sun, 08 Mar 2026 08:10:08 +0000

Noname057(16) has targeted various websites primarily in Germany, affecting platforms related to public procurement and government services. Key sites include auftraege.bayern.de, elster.de, and evergabe-mv.de, among others. The attacks highlight a focus on German entities, particularly in the fields of customs, public bidding, and regional government services.^{AI generated}
16 targets are under attack, 0 new targets and 16 targets from previous attack
New Targets(0):
Targets from prev attack(16): auftraege.bayern.de, www.customs-broker.de, www.vergabe24.de, www.elster.de, www.bvl.de, www.evergabe-online.de, www.deutsches-ausschreibungsblatt.de, www.salzwedel.de, vergabemarktplatz.brandenburg.de, www.saalekreis.de, beteiligungsportal.hessen.de, www.bescha.bund.de, www.deutsche-boerse.com, www.evergabe.nrw.de, www.evergabe-mv.de, www.service-bw.de
Dismissed Targets(1): www.vg-arendsee-kalbe.de

Detected attack on 2026-03-08_07-10-07

codabar@42de.it (Alfredo Terrone) — Sun, 08 Mar 2026 07:10:07 +0000

Noname057(16) has targeted various websites primarily in Germany, focusing on government, procurement, and public service platforms. Key sites include those related to public procurement and administrative services, indicating a concentrated effort against German digital infrastructure.^{AI generated}
17 targets are under attack, 5 new targets and 12 targets from previous attack
New Targets(5): www.customs-broker.de, www.vergabe24.de, www.deutsches-ausschreibungsblatt.de, www.deutsche-boerse.com, www.evergabe.nrw.de
Targets from prev attack(12): www.bescha.bund.de, www.evergabe-mv.de, www.evergabe-online.de, beteiligungsportal.hessen.de, www.vg-arendsee-kalbe.de, www.elster.de, vergabemarktplatz.brandenburg.de, www.salzwedel.de, www.bvl.de, auftraege.bayern.de, www.saalekreis.de, www.service-bw.de
Dismissed Targets(14): www.zwickau.de, www.erfurt.de, www.nowycasnik.de, bayvebe.bayern.de, www.limbach-oberfrohna.de, stiftung-moritzburg.de, www.bode-holtemme.de, www.koethen-anhalt.de, www.kaiserslautern.de, www.gladbeck.de, www.wanzleben-boerde.de, www.tangermuende.de, www.kreis-oh.de, www.naumburg.de

Detected attack on 2026-03-08_07-05-08

codabar@42de.it (Alfredo Terrone) — Sun, 08 Mar 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target websites in Germany, affecting various regional and governmental portals. Key areas under attack include federal and state-level services, as well as local municipalities, indicating a concentrated effort to disrupt public sector operations in the country.^{AI generated}
26 targets are under attack, 11 new targets and 15 targets from previous attack
New Targets(11): www.bescha.bund.de, www.evergabe-mv.de, www.evergabe-online.de, www.elster.de, www.bvl.de, vergabemarktplatz.brandenburg.de, www.salzwedel.de, www.saalekreis.de, beteiligungsportal.hessen.de, auftraege.bayern.de, www.service-bw.de
Targets from prev attack(15): www.zwickau.de, www.erfurt.de, www.nowycasnik.de, www.vg-arendsee-kalbe.de, bayvebe.bayern.de, www.limbach-oberfrohna.de, stiftung-moritzburg.de, www.bode-holtemme.de, www.koethen-anhalt.de, www.kaiserslautern.de, www.gladbeck.de, www.wanzleben-boerde.de, www.tangermuende.de, www.kreis-oh.de, www.naumburg.de
Dismissed Targets(0):

Detected attack on 2026-03-07_07-05-11

codabar@42de.it (Alfredo Terrone) — Sat, 07 Mar 2026 07:05:11 +0000

The attacks by noname057(16) primarily targeted websites in Germany. Key cities under attack include Kaiserslautern, Gladbeck, Limbach-Oberfrohna, Naumburg, and Erfurt, among others. Additionally, several regional sites from various German municipalities were compromised.^{AI generated}
15 targets are under attack, 15 new targets and 0 targets from previous attack
New Targets(15): www.kaiserslautern.de, www.gladbeck.de, www.vg-arendsee-kalbe.de, www.limbach-oberfrohna.de, www.nowycasnik.de, www.naumburg.de, www.wanzleben-boerde.de, www.bode-holtemme.de, www.kreis-oh.de, bayvebe.bayern.de, www.koethen-anhalt.de, www.tangermuende.de, www.zwickau.de, www.erfurt.de, stiftung-moritzburg.de
Targets from prev attack(0):
Dismissed Targets(29): go.galil.gov.il, shas.org.il, www.umelfahem.org, www.tendersinfo.com, sys.mybenefits.gov.il, elronventures.com, mybenefits.gov.il, www.fraunhofer.de, www.alony-hetz.com, www.gardelegen.de, www.globaltenders.com, www.delek-group.com, ecom.gov.il, pti.org.il, www.magdeburgerdom.de, www.boerse-duesseldorf.de, www.boersenag.de, www.sachsen-anhalt.de, www.altmarkkreis-salzwedel.de, www.boerse-hannover.de, www.magdeburg.de, www.kalbe-milde.de, www.rosh-haayin.muni.il, www.geschw-stevens.de, www.tradegatebsx.com, www.iec.co.il, www.quotrix.de, www.camtek.com, ecourts.justice.gov.il

Detected attack on 2026-03-07_06-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 07 Mar 2026 06:10:08 +0000

The attacks attributed to noname057(16) primarily targeted websites in Germany and Israel. Key sectors affected include finance, government services, and technology. Notable examples include German financial sites like boerse-duesseldorf.de and various Israeli government and municipal websites such as go.galil.gov.il and rosh-haayin.muni.il. The attacks highlight a focus on critical infrastructure and public services in these regions.^{AI generated}
29 targets are under attack, 0 new targets and 29 targets from previous attack
New Targets(0):
Targets from prev attack(29): www.quotrix.de, www.boerse-duesseldorf.de, go.galil.gov.il, www.iec.co.il, sys.mybenefits.gov.il, www.geschw-stevens.de, www.tendersinfo.com, www.rosh-haayin.muni.il, shas.org.il, www.kalbe-milde.de, www.altmarkkreis-salzwedel.de, www.magdeburgerdom.de, www.tradegatebsx.com, www.sachsen-anhalt.de, www.gardelegen.de, www.boersenag.de, www.umelfahem.org, ecom.gov.il, pti.org.il, elronventures.com, www.alony-hetz.com, ecourts.justice.gov.il, mybenefits.gov.il, www.magdeburg.de, www.delek-group.com, www.fraunhofer.de, www.camtek.com, www.globaltenders.com, www.boerse-hannover.de
Dismissed Targets(2): www.tazkirim.gov.il, www.space.gov.il

Detected attack on 2026-03-06_19-50-10

codabar@42de.it (Alfredo Terrone) — Fri, 06 Mar 2026 19:50:10 +0000

The attacks attributed to noname057 primarily targeted websites in Israel and Germany. Key sectors affected include government, technology, and finance. Notable sites include various Israeli government portals and institutions, as well as German regional and financial websites.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): www.camtek.com, www.tazkirim.gov.il, www.geschw-stevens.de, www.sachsen-anhalt.de, www.fraunhofer.de, www.gardelegen.de, www.rosh-haayin.muni.il, www.globaltenders.com, ecom.gov.il, sys.mybenefits.gov.il, www.iec.co.il, www.boerse-hannover.de, pti.org.il, mybenefits.gov.il, www.kalbe-milde.de, www.boerse-duesseldorf.de, www.tendersinfo.com, www.quotrix.de, www.tradegatebsx.com, www.altmarkkreis-salzwedel.de, www.delek-group.com, ecourts.justice.gov.il, www.magdeburg.de, shas.org.il, www.space.gov.il, www.umelfahem.org, www.magdeburgerdom.de, elronventures.com, go.galil.gov.il, www.alony-hetz.com, www.boersenag.de
Dismissed Targets(2): www.deutsche-boerse.com, www.customs-broker.de

Detected attack on 2026-03-06_19-25-11

codabar@42de.it (Alfredo Terrone) — Fri, 06 Mar 2026 19:25:11 +0000

Noname057(16) has targeted various websites primarily in Israel and Germany. Notable attacks include Israeli government sites such as ecourts.justice.gov.il and ecom.gov.il, as well as several organizations like shas.org.il and mybenefits.gov.il. In Germany, the attacks affected multiple regional and financial institutions, including boerse-duesseldorf.de, fraunhofer.de, and boerse-hannover.de. The campaign highlights a significant focus on both Israeli and German entities.^{AI generated}
33 targets are under attack, 0 new targets and 33 targets from previous attack
New Targets(0):
Targets from prev attack(33): ecourts.justice.gov.il, www.boerse-duesseldorf.de, www.sachsen-anhalt.de, www.tazkirim.gov.il, ecom.gov.il, www.space.gov.il, shas.org.il, mybenefits.gov.il, www.umelfahem.org, www.gardelegen.de, www.kalbe-milde.de, sys.mybenefits.gov.il, www.delek-group.com, www.fraunhofer.de, www.tendersinfo.com, www.quotrix.de, www.magdeburgerdom.de, www.boerse-hannover.de, pti.org.il, www.tradegatebsx.com, www.boersenag.de, www.altmarkkreis-salzwedel.de, www.globaltenders.com, go.galil.gov.il, www.alony-hetz.com, www.rosh-haayin.muni.il, www.magdeburg.de, www.iec.co.il, www.geschw-stevens.de, elronventures.com, www.deutsche-boerse.com, www.customs-broker.de, www.camtek.com
Dismissed Targets(2): www.bescha.bund.de, www.salzwedel.de

Detected attack on 2026-03-06_11-05-16

codabar@42de.it (Alfredo Terrone) — Fri, 06 Mar 2026 11:05:16 +0000

The attacks attributed to noname057 primarily target websites in Germany and Israel. Key German sites include various financial and governmental platforms such as boerse-duesseldorf.de and fraunhofer.de. In Israel, the attacks focus on government and municipal sites, including ecom.gov.il and rosh-haayin.muni.il. The diversity of targets suggests a broad interest in both financial and governmental data across these countries.^{AI generated}
35 targets are under attack, 16 new targets and 19 targets from previous attack
New Targets(16): mybenefits.gov.il, www.camtek.com, shas.org.il, www.space.gov.il, go.galil.gov.il, elronventures.com, sys.mybenefits.gov.il, www.iec.co.il, www.alony-hetz.com, www.tazkirim.gov.il, www.umelfahem.org, ecom.gov.il, www.delek-group.com, www.rosh-haayin.muni.il, pti.org.il, ecourts.justice.gov.il
Targets from prev attack(19): www.gardelegen.de, www.globaltenders.com, www.boerse-duesseldorf.de, www.deutsche-boerse.com, www.altmarkkreis-salzwedel.de, www.fraunhofer.de, www.tendersinfo.com, www.kalbe-milde.de, www.quotrix.de, www.geschw-stevens.de, www.boerse-hannover.de, www.customs-broker.de, www.tradegatebsx.com, www.boersenag.de, www.sachsen-anhalt.de, www.magdeburgerdom.de, www.salzwedel.de, www.bescha.bund.de, www.magdeburg.de
Dismissed Targets(0):

Detected attack on 2026-03-06_07-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 06 Mar 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target websites in Germany, focusing on various local government and financial institutions. Key cities under attack include Düsseldorf, Magdeburg, and Salzwedel, with notable organizations like Deutsche Börse and Fraunhofer also affected. The attacks highlight a significant threat to both public and private sectors within the country.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.boerse-duesseldorf.de, www.magdeburg.de, www.sachsen-anhalt.de, www.deutsche-boerse.com, www.tendersinfo.com, www.salzwedel.de, www.bescha.bund.de, www.boerse-hannover.de, www.globaltenders.com, www.customs-broker.de, www.boersenag.de, www.geschw-stevens.de, www.kalbe-milde.de, www.tradegatebsx.com, www.magdeburgerdom.de, www.fraunhofer.de, www.altmarkkreis-salzwedel.de, www.quotrix.de, www.gardelegen.de
Targets from prev attack(0):
Dismissed Targets(32): www.service-bw.de, www.hellmann.com, www.lzbw.de, www.bundesanzeiger.de, bieterportal.noncd.db.de, www.iaa.gov.il, www.mizrahi-tefahot.co.il, www.dbschenker.com, www.rail.co.il, www.bvl.de, www.vergabe.rlp.de, beteiligungsportal.hessen.de, www.evergabe.sachsen-anhalt.de, digitales.hessen.de, bauleitplanung.hessen.de, finanzamt.hessen.de, www.boi.org.il, www.vergabe24.de, www.evergabe.nrw.de, www.dachser.com, www.cfir.co.il, arabic.leumi.co.il, www.fibi.co.il, www.carmelithaifa.com, eah.hessen.de, www.leumi-ru.co.il, portal.mvp.bafin.de, vergabemarktplatz.brandenburg.de, www.deutsches-ausschreibungsblatt.de, english.leumi.co.il, www.bafin.de, hb2.bankleumi.co.il

Detected attack on 2026-03-05_12-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 12:10:08 +0000

Noname057(16) has targeted various websites across multiple countries, primarily focusing on Germany and Israel. The attacks include significant German institutions such as Bafin, Bundesanzeiger, and several state procurement portals, indicating a strong interest in governmental and financial sectors. In Israel, the attacks affected major banks and companies like Leumi and Mizrahi-Tefahot, highlighting a focus on the financial industry. Other targeted sites include logistics and service providers, suggesting a broad strategy aimed at disrupting both public and private sectors in these nations.^{AI generated}
32 targets are under attack, 11 new targets and 21 targets from previous attack
New Targets(11): hb2.bankleumi.co.il, www.cfir.co.il, www.carmelithaifa.com, www.leumi-ru.co.il, www.rail.co.il, arabic.leumi.co.il, www.boi.org.il, www.mizrahi-tefahot.co.il, www.iaa.gov.il, english.leumi.co.il, www.fibi.co.il
Targets from prev attack(21): www.bafin.de, www.bundesanzeiger.de, www.vergabe24.de, www.lzbw.de, beteiligungsportal.hessen.de, www.bvl.de, digitales.hessen.de, www.hellmann.com, www.dbschenker.com, www.service-bw.de, vergabemarktplatz.brandenburg.de, www.deutsches-ausschreibungsblatt.de, portal.mvp.bafin.de, finanzamt.hessen.de, eah.hessen.de, bieterportal.noncd.db.de, www.evergabe.sachsen-anhalt.de, www.vergabe.rlp.de, www.evergabe.nrw.de, www.dachser.com, bauleitplanung.hessen.de
Dismissed Targets(0):

Detected attack on 2026-03-05_07-35-07

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 07:35:07 +0000

The attacks attributed to noname057 primarily targeted websites in Germany. Key sectors affected include government agencies, logistics companies, and public procurement platforms. Notable organizations include Hessen's financial and digital services, as well as major logistics firms like Hellmann, DB Schenker, and Dachser. The attacks highlight vulnerabilities in both public and private sectors across various regions in Germany.^{AI generated}
21 targets are under attack, 7 new targets and 14 targets from previous attack
New Targets(7): www.bafin.de, www.bundesanzeiger.de, www.hellmann.com, portal.mvp.bafin.de, www.dachser.com, www.bvl.de, www.dbschenker.com
Targets from prev attack(14): beteiligungsportal.hessen.de, eah.hessen.de, finanzamt.hessen.de, www.lzbw.de, bieterportal.noncd.db.de, www.evergabe.sachsen-anhalt.de, www.vergabe.rlp.de, bauleitplanung.hessen.de, www.evergabe.nrw.de, www.service-bw.de, www.deutsches-ausschreibungsblatt.de, www.vergabe24.de, vergabemarktplatz.brandenburg.de, digitales.hessen.de
Dismissed Targets(0):

Detected attack on 2026-03-05_07-25-09

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 07:25:09 +0000

Noname057(16) has targeted several websites primarily in Germany, focusing on various governmental and public service platforms. The main countries under attack include Germany, with specific sites related to public procurement, finance, and regional services in Hesse, Brandenburg, and North Rhine-Westphalia.^{AI generated}
14 targets are under attack, 2 new targets and 12 targets from previous attack
New Targets(2): www.deutsches-ausschreibungsblatt.de, bieterportal.noncd.db.de
Targets from prev attack(12): www.vergabe24.de, digitales.hessen.de, www.lzbw.de, beteiligungsportal.hessen.de, www.service-bw.de, finanzamt.hessen.de, www.vergabe.rlp.de, vergabemarktplatz.brandenburg.de, www.evergabe.nrw.de, bauleitplanung.hessen.de, eah.hessen.de, www.evergabe.sachsen-anhalt.de
Dismissed Targets(0):

Detected attack on 2026-03-05_07-20-08

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 07:20:08 +0000

Noname057(16) has targeted various government and public service websites primarily in Germany. The attacked sites include regional portals related to finance, procurement, and planning, specifically from the states of Hesse, Saxony-Anhalt, North Rhine-Westphalia, and Brandenburg. These attacks highlight a focus on disrupting local government services and access to public information.^{AI generated}
12 targets are under attack, 1 new targets and 11 targets from previous attack
New Targets(1): www.vergabe24.de
Targets from prev attack(11): finanzamt.hessen.de, www.evergabe.sachsen-anhalt.de, www.service-bw.de, www.evergabe.nrw.de, www.lzbw.de, eah.hessen.de, digitales.hessen.de, www.vergabe.rlp.de, vergabemarktplatz.brandenburg.de, bauleitplanung.hessen.de, beteiligungsportal.hessen.de
Dismissed Targets(0):

Detected attack on 2026-03-05_07-15-07

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 07:15:07 +0000

Noname057(16) has targeted several government and public service websites primarily in Germany. The attacks have affected various states, including Hesse, Saxony-Anhalt, North Rhine-Westphalia, Baden-Württemberg, and Brandenburg, indicating a focus on regional administrative platforms.^{AI generated}
11 targets are under attack, 3 new targets and 8 targets from previous attack
New Targets(3): www.evergabe.sachsen-anhalt.de, www.vergabe.rlp.de, www.evergabe.nrw.de
Targets from prev attack(8): finanzamt.hessen.de, www.service-bw.de, www.lzbw.de, eah.hessen.de, digitales.hessen.de, vergabemarktplatz.brandenburg.de, bauleitplanung.hessen.de, beteiligungsportal.hessen.de
Dismissed Targets(0):

Detected attack on 2026-03-05_07-10-07

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 07:10:07 +0000

Noname057(16) has targeted various websites primarily in Germany, specifically focusing on the state of Hesse with sites like digitales.hessen.de and finanzamt.hessen.de. Other notable attacks include websites from Baden-Württemberg, such as www.lzbw.de and www.service-bw.de, as well as Brandenburg with vergabemarktplatz.brandenburg.de. The attacks highlight a concentrated effort against governmental and regional services in these German states.^{AI generated}
8 targets are under attack, 1 new targets and 7 targets from previous attack
New Targets(1): vergabemarktplatz.brandenburg.de
Targets from prev attack(7): digitales.hessen.de, beteiligungsportal.hessen.de, finanzamt.hessen.de, bauleitplanung.hessen.de, www.lzbw.de, www.service-bw.de, eah.hessen.de
Dismissed Targets(34): www.elster.de, www.cdu.de, www.bezeq.co.il, www.evergabe-mv.de, www.top-i.com, www.wanzleben-boerde.de, www.epicos.com, my.bezeq.co.il, anmeldung.mdv-verbundgebiet.de, www.nowycasnik.de, www.urbanaero.com, www.service.bund.de, www.mekorot.co.il, oeffentlichevergabe.de, www.tadirantele.com, www.oscherslebenbode.de, www.tangermuende.de, www.mdv-verbundgebiet.de, www.saalekreis.de, www.strauss-group.com, www.rafael.co.il, www.aschersleben.de, www.naumburg.de, auftraege.bayern.de, www.iai.co.il, www.spd.de, www.bg-paint.co.il, www.evergabe-online.de, www.kavim-t.com, www.tangerhuette.de, it-ausschreibung.de, www.electra-afikim.co.il, www.haldensleben.de, www.vergabe.bayern.de

Detected attack on 2026-03-05_07-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 05 Mar 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target websites from Germany and Israel. Key sectors affected include government services, public procurement, and telecommunications. Notable sites attacked include those of political parties, local municipalities, and utility companies, indicating a focus on critical infrastructure and public institutions in these countries.^{AI generated}
41 targets are under attack, 7 new targets and 34 targets from previous attack
New Targets(7): digitales.hessen.de, beteiligungsportal.hessen.de, finanzamt.hessen.de, bauleitplanung.hessen.de, www.lzbw.de, www.service-bw.de, eah.hessen.de
Targets from prev attack(34): www.elster.de, www.cdu.de, www.bezeq.co.il, www.evergabe-mv.de, www.top-i.com, www.wanzleben-boerde.de, my.bezeq.co.il, anmeldung.mdv-verbundgebiet.de, www.epicos.com, www.nowycasnik.de, www.urbanaero.com, www.service.bund.de, www.mekorot.co.il, oeffentlichevergabe.de, www.tadirantele.com, www.oscherslebenbode.de, www.tangermuende.de, www.mdv-verbundgebiet.de, www.saalekreis.de, www.strauss-group.com, www.rafael.co.il, www.aschersleben.de, www.naumburg.de, www.iai.co.il, auftraege.bayern.de, www.spd.de, www.bg-paint.co.il, www.evergabe-online.de, www.kavim-t.com, www.tangerhuette.de, it-ausschreibung.de, www.electra-afikim.co.il, www.haldensleben.de, www.vergabe.bayern.de
Dismissed Targets(0):

Detected attack on 2026-03-04_11-05-08

codabar@42de.it (Alfredo Terrone) — Wed, 04 Mar 2026 11:05:08 +0000

The attacks attributed to noname057 primarily target websites from Germany and Israel. Key German sites include government and regional portals such as service.bund.de, spd.de, and various local municipal websites. Israeli targets feature companies and organizations like rafael.co.il and mekorot.co.il. Other affected countries include some European nations, indicated by sites like wanzleben-boerde.de and evergabe-online.de. Overall, the attack patterns show a focus on governmental and public service sectors in these regions.^{AI generated}
34 targets are under attack, 13 new targets and 21 targets from previous attack
New Targets(13): www.electra-afikim.co.il, my.bezeq.co.il, www.bezeq.co.il, www.rafael.co.il, www.tadirantele.com, www.urbanaero.com, www.epicos.com, www.iai.co.il, www.bg-paint.co.il, www.strauss-group.com, www.top-i.com, www.mekorot.co.il, www.kavim-t.com
Targets from prev attack(21): www.service.bund.de, www.spd.de, www.wanzleben-boerde.de, www.vergabe.bayern.de, www.evergabe-online.de, www.mdv-verbundgebiet.de, www.nowycasnik.de, www.cdu.de, www.tangermuende.de, www.evergabe-mv.de, www.saalekreis.de, www.tangerhuette.de, www.elster.de, it-ausschreibung.de, anmeldung.mdv-verbundgebiet.de, www.haldensleben.de, www.aschersleben.de, auftraege.bayern.de, www.oscherslebenbode.de, oeffentlichevergabe.de, www.naumburg.de
Dismissed Targets(0):

Detected attack on 2026-03-04_07-10-08

codabar@42de.it (Alfredo Terrone) — Wed, 04 Mar 2026 07:10:08 +0000

The attacks attributed to noname057 primarily targeted websites in Germany, including various governmental and local authority sites. Key regions affected include Bavaria, Saxony-Anhalt, and several municipalities, indicating a focus on public procurement and administrative platforms. The attacks highlight vulnerabilities in digital infrastructures used by local and regional government entities.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): oeffentlichevergabe.de, www.mdv-verbundgebiet.de, www.tangermuende.de, auftraege.bayern.de, www.oscherslebenbode.de, www.spd.de, www.cdu.de, www.aschersleben.de, www.haldensleben.de, www.service.bund.de, www.wanzleben-boerde.de, www.naumburg.de, www.tangerhuette.de, www.elster.de, www.evergabe-mv.de, www.evergabe-online.de, www.vergabe.bayern.de, anmeldung.mdv-verbundgebiet.de, it-ausschreibung.de, www.nowycasnik.de, www.saalekreis.de
Targets from prev attack(0):
Dismissed Targets(28): www.finanzamt-lohr.de, www.finanzamt-bad-kissingen.de, service.we-com.co.il, www.akko.muni.il, www.018.co.il, www.finanzamt-wuerzburg.de, www.finanzamt-aschaffenburg.de, www.zwickau.de, we-com.co.il, www.kul-alarab.com, biddetail.com, termokir.co.il, www.finanzamt-zeil.de, www.efrat.muni.il, www.landtag.sachsen-anhalt.de, www.gladbeck.de, www.kaiserslautern.de, cellcom.co.il, www.finanzamt-obernburg.de, www.rafa.co.il, www.finanzamt-bad-neustadt.de, www.finanzamt-kitzingen.de, shop.sternundkreis.de, www.limbach-oberfrohna.de, www.jpost.com, www.finanzamt-schweinfurt.de, www.maariv.co.il, dtvp.de

Detected attack on 2026-03-03_16-25-09

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 16:25:09 +0000

The attacks by noname057 primarily targeted websites in Israel and Germany. Key sites affected include various financial and municipal websites in Germany, such as several Finanzamt (tax office) domains, and notable Israeli sites like jpost.com and cellcom.co.il. The attacks demonstrate a focus on both governmental and commercial entities in these countries.^{AI generated}
28 targets are under attack, 2 new targets and 26 targets from previous attack
New Targets(2): www.efrat.muni.il, cellcom.co.il
Targets from prev attack(26): service.we-com.co.il, dtvp.de, www.finanzamt-bad-neustadt.de, www.kaiserslautern.de, www.finanzamt-kitzingen.de, termokir.co.il, www.finanzamt-bad-kissingen.de, www.rafa.co.il, www.018.co.il, www.finanzamt-schweinfurt.de, www.limbach-oberfrohna.de, www.jpost.com, www.gladbeck.de, we-com.co.il, www.finanzamt-lohr.de, shop.sternundkreis.de, www.finanzamt-obernburg.de, www.zwickau.de, www.kul-alarab.com, www.akko.muni.il, www.finanzamt-aschaffenburg.de, biddetail.com, www.landtag.sachsen-anhalt.de, www.finanzamt-wuerzburg.de, www.maariv.co.il, www.finanzamt-zeil.de
Dismissed Targets(0):

Detected attack on 2026-03-03_12-45-08

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 12:45:08 +0000

The attacks by noname057 primarily targeted websites in Israel and Germany. Key sites affected include various municipal and financial institutions in Germany, such as Finanzamt websites, and several news and service platforms in Israel, including jpost.com and maariv.co.il. The attacks highlight a focus on critical infrastructure and media outlets in these countries.^{AI generated}
26 targets are under attack, 2 new targets and 24 targets from previous attack
New Targets(2): we-com.co.il, service.we-com.co.il
Targets from prev attack(24): termokir.co.il, www.gladbeck.de, www.finanzamt-bad-neustadt.de, www.akko.muni.il, www.finanzamt-bad-kissingen.de, www.jpost.com, www.kul-alarab.com, www.finanzamt-obernburg.de, www.finanzamt-zeil.de, www.finanzamt-lohr.de, www.finanzamt-aschaffenburg.de, www.finanzamt-kitzingen.de, www.rafa.co.il, shop.sternundkreis.de, www.zwickau.de, www.kaiserslautern.de, www.maariv.co.il, www.018.co.il, www.landtag.sachsen-anhalt.de, www.finanzamt-schweinfurt.de, dtvp.de, biddetail.com, www.limbach-oberfrohna.de, www.finanzamt-wuerzburg.de
Dismissed Targets(0):

Detected attack on 2026-03-03_12-40-09

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 12:40:09 +0000

The attacks attributed to noname057 primarily target websites in Israel and Germany. Key affected sites include Israeli news outlets such as JPost and Maariv, as well as various municipal and financial institutions in Germany, including multiple Finanzämter (tax offices) across different cities like Würzburg, Kitzingen, and Aschaffenburg. Other notable targets include local government websites and businesses in both countries.^{AI generated}
24 targets are under attack, 6 new targets and 18 targets from previous attack
New Targets(6): www.rafa.co.il, www.jpost.com, www.maariv.co.il, www.018.co.il, www.kul-alarab.com, termokir.co.il
Targets from prev attack(18): www.akko.muni.il, www.finanzamt-schweinfurt.de, dtvp.de, www.finanzamt-zeil.de, www.gladbeck.de, shop.sternundkreis.de, www.finanzamt-obernburg.de, www.finanzamt-wuerzburg.de, www.landtag.sachsen-anhalt.de, www.finanzamt-kitzingen.de, www.finanzamt-lohr.de, www.limbach-oberfrohna.de, www.finanzamt-aschaffenburg.de, www.zwickau.de, www.kaiserslautern.de, www.finanzamt-bad-kissingen.de, biddetail.com, www.finanzamt-bad-neustadt.de
Dismissed Targets(0):

Detected attack on 2026-03-03_12-35-07

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 12:35:07 +0000

The attacks attributed to noname057 primarily target websites in Germany, particularly local government and financial institutions. Key sites affected include municipal websites and tax offices, indicating a focus on regional governance and public services. The attacks highlight vulnerabilities within German digital infrastructure.^{AI generated}
18 targets are under attack, 1 new targets and 17 targets from previous attack
New Targets(1): www.akko.muni.il
Targets from prev attack(17): www.finanzamt-schweinfurt.de, dtvp.de, www.finanzamt-zeil.de, www.gladbeck.de, shop.sternundkreis.de, www.finanzamt-obernburg.de, www.finanzamt-wuerzburg.de, www.landtag.sachsen-anhalt.de, www.finanzamt-kitzingen.de, www.finanzamt-lohr.de, www.zwickau.de, www.finanzamt-aschaffenburg.de, www.limbach-oberfrohna.de, www.kaiserslautern.de, www.finanzamt-bad-kissingen.de, biddetail.com, www.finanzamt-bad-neustadt.de
Dismissed Targets(0):

Detected attack on 2026-03-03_08-05-10

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 08:05:10 +0000

The attacks attributed to noname057 primarily target websites in Germany, focusing on various local government and financial institutions. Notable sites include several Finanzamt (tax office) domains, municipal websites, and a shopping platform. The attacks highlight a concentrated effort against German online services, indicating a potential trend in cyber threats aimed at this region.^{AI generated}
17 targets are under attack, 0 new targets and 17 targets from previous attack
New Targets(0):
Targets from prev attack(17): dtvp.de, www.finanzamt-zeil.de, www.finanzamt-lohr.de, www.finanzamt-bad-neustadt.de, www.finanzamt-schweinfurt.de, www.finanzamt-aschaffenburg.de, biddetail.com, www.limbach-oberfrohna.de, www.finanzamt-wuerzburg.de, www.finanzamt-kitzingen.de, www.finanzamt-bad-kissingen.de, shop.sternundkreis.de, www.zwickau.de, www.finanzamt-obernburg.de, www.landtag.sachsen-anhalt.de, www.kaiserslautern.de, www.gladbeck.de
Dismissed Targets(3): www.vg-arendsee-kalbe.de, www.dortmund.de, www.krone-trailer.com

Detected attack on 2026-03-03_07-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 07:10:08 +0000

Noname057(16) has targeted various websites primarily in Germany. The attacked sites include municipal and financial administration portals, indicating a focus on local government and tax-related services. Key cities under attack include Dortmund, Zwickau, Kaiserslautern, and several others across the country, reflecting a concentrated effort against German online infrastructure.^{AI generated}
20 targets are under attack, 4 new targets and 16 targets from previous attack
New Targets(4): dtvp.de, www.landtag.sachsen-anhalt.de, www.limbach-oberfrohna.de, biddetail.com
Targets from prev attack(16): www.finanzamt-aschaffenburg.de, www.finanzamt-schweinfurt.de, www.vg-arendsee-kalbe.de, www.kaiserslautern.de, www.finanzamt-wuerzburg.de, www.krone-trailer.com, www.finanzamt-zeil.de, www.finanzamt-obernburg.de, shop.sternundkreis.de, www.finanzamt-bad-kissingen.de, www.gladbeck.de, www.dortmund.de, www.finanzamt-bad-neustadt.de, www.finanzamt-kitzingen.de, www.finanzamt-lohr.de, www.zwickau.de
Dismissed Targets(41): www.bazan.co.il, cargal.co.il, besheva.co.il, shas.org.il, reiner-haseloff.de, www.koethen-anhalt.de, aeronautics-sys.com, www.erfurt.de, www.tender24.de, www.arraba.muni.il, www.eilat.muni.il, www.mvhr.org.il, zionutdatit.org.il, www.lod.muni.il, bostanmerj.nqa.nadsoft.co, ludwigshafen.de, www.magdeburg.de, www.l.de, www.stingtv.co.il, www.sbahn-hannover.de, www.ariel.muni.il, www.kreis-hz.de, abugosh.muni.il, www.ozma-yeudit.co.il, www.bode-holtemme.de, shufersal.co.il, www.efrat.muni.il, www.anhalt-bitterfeld.de, cellcom.co.il, www.kreis-oh.de, stiftung-moritzburg.de, www.hotmobile.co.il, bayvebe.bayern.de, www.shomron.org.il, elbitsystems.com, oxar.co.il, www.wanzleben.de, noamparty.org.il, start-ni-mitte.de, www.budget.co.il, frontend-api.sbahn-hannover.de

Detected attack on 2026-03-03_07-05-10

codabar@42de.it (Alfredo Terrone) — Tue, 03 Mar 2026 07:05:10 +0000

The attacks by noname057 primarily targeted websites in Israel and Germany. Notable Israeli sites include municipal and service providers such as abugosh.muni.il, cellcom.co.il, and shas.org.il. In Germany, various municipal and financial administration sites were affected, including finanzamt-kitzingen.de and dortmund.de. This indicates a focus on both local governance and essential services in these two countries.^{AI generated}
57 targets are under attack, 13 new targets and 44 targets from previous attack
New Targets(13): www.finanzamt-bad-neustadt.de, www.finanzamt-schweinfurt.de, shop.sternundkreis.de, www.finanzamt-zeil.de, www.finanzamt-wuerzburg.de, www.gladbeck.de, www.finanzamt-kitzingen.de, www.finanzamt-aschaffenburg.de, www.finanzamt-lohr.de, www.kaiserslautern.de, www.zwickau.de, www.finanzamt-obernburg.de, www.finanzamt-bad-kissingen.de
Targets from prev attack(44): abugosh.muni.il, shufersal.co.il, www.tender24.de, www.mvhr.org.il, www.krone-trailer.com, www.kreis-hz.de, www.vg-arendsee-kalbe.de, www.wanzleben.de, www.dortmund.de, www.efrat.muni.il, www.magdeburg.de, oxar.co.il, cellcom.co.il, www.budget.co.il, elbitsystems.com, www.stingtv.co.il, shas.org.il, www.ariel.muni.il, www.erfurt.de, www.lod.muni.il, besheva.co.il, bostanmerj.nqa.nadsoft.co, www.sbahn-hannover.de, www.kreis-oh.de, www.anhalt-bitterfeld.de, stiftung-moritzburg.de, www.bazan.co.il, www.koethen-anhalt.de, ludwigshafen.de, www.bode-holtemme.de, www.shomron.org.il, bayvebe.bayern.de, www.eilat.muni.il, noamparty.org.il, cargal.co.il, frontend-api.sbahn-hannover.de, reiner-haseloff.de, zionutdatit.org.il, aeronautics-sys.com, www.arraba.muni.il, www.l.de, www.ozma-yeudit.co.il, www.hotmobile.co.il, start-ni-mitte.de
Dismissed Targets(0):

Detected attack on 2026-03-02_11-10-11

codabar@42de.it (Alfredo Terrone) — Mon, 02 Mar 2026 11:10:11 +0000

The attacks attributed to noname057 primarily target websites in Israel and Germany. Key sites affected include various municipal and organizational domains from Israel, such as zionutdatit.org.il and shufersal.co.il, as well as German sites like wanzleben.de and dortmund.de. The campaign reflects a focus on both local government and commercial entities within these countries.^{AI generated}
44 targets are under attack, 23 new targets and 21 targets from previous attack
New Targets(23): zionutdatit.org.il, cargal.co.il, www.ozma-yeudit.co.il, aeronautics-sys.com, www.arraba.muni.il, bostanmerj.nqa.nadsoft.co, www.mvhr.org.il, www.lod.muni.il, shufersal.co.il, noamparty.org.il, shas.org.il, www.efrat.muni.il, www.stingtv.co.il, www.hotmobile.co.il, www.ariel.muni.il, oxar.co.il, www.bazan.co.il, cellcom.co.il, abugosh.muni.il, besheva.co.il, www.eilat.muni.il, www.shomron.org.il, www.budget.co.il
Targets from prev attack(21): www.wanzleben.de, bayvebe.bayern.de, www.kreis-oh.de, stiftung-moritzburg.de, www.anhalt-bitterfeld.de, www.erfurt.de, frontend-api.sbahn-hannover.de, ludwigshafen.de, www.krone-trailer.com, www.koethen-anhalt.de, www.bode-holtemme.de, reiner-haseloff.de, www.tender24.de, www.dortmund.de, start-ni-mitte.de, www.sbahn-hannover.de, www.kreis-hz.de, www.magdeburg.de, elbitsystems.com, www.vg-arendsee-kalbe.de, www.l.de
Dismissed Targets(0):

Detected attack on 2026-03-02_07-05-09

codabar@42de.it (Alfredo Terrone) — Mon, 02 Mar 2026 07:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in Germany, affecting various local government and transportation services. Key cities under attack include Wanzleben, Köthen, Hannover, Dortmund, Magdeburg, and Erfurt. The attacks also impacted organizations and companies such as Elbit Systems and Krone Trailer, indicating a broad range of targets within the country.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.wanzleben.de, www.koethen-anhalt.de, frontend-api.sbahn-hannover.de, www.tender24.de, stiftung-moritzburg.de, www.kreis-oh.de, www.l.de, www.anhalt-bitterfeld.de, bayvebe.bayern.de, elbitsystems.com, www.bode-holtemme.de, www.dortmund.de, www.magdeburg.de, start-ni-mitte.de, www.vg-arendsee-kalbe.de, www.krone-trailer.com, www.erfurt.de, www.sbahn-hannover.de, reiner-haseloff.de, ludwigshafen.de, www.kreis-hz.de
Targets from prev attack(0):
Dismissed Targets(16): solrod.dk, arcticexcursions.com, nyidanmark.dk, www.dmi.dk, expeditionsgreenland.gl, www.stamps.gl, ens.dk, www.phaseone.com, www.sdu.dk, workindenmark.dk, airgreenland.com, traveltrade.visitgreenland.com, mit.dk, lifeindenmark.borger.dk, www.greenland-travel.com, holbaek.dk

Detected attack on 2026-03-01_07-05-09

codabar@42de.it (Alfredo Terrone) — Sun, 01 Mar 2026 07:05:09 +0000

Noname057(16) has targeted several websites primarily from Denmark and Greenland. Key countries under attack include Denmark, which is represented by sites like nyidanmark.dk, solrod.dk, ens.dk, and dmi.dk, as well as Greenland, with targets such as traveltrade.visitgreenland.com and expeditionsgreenland.gl. Other affected sites include phaseone.com, airgreenland.com, and workindenmark.dk, indicating a focus on both governmental and travel-related sectors within these regions.^{AI generated}
16 targets are under attack, 16 new targets and 0 targets from previous attack
New Targets(16): nyidanmark.dk, www.sdu.dk, solrod.dk, ens.dk, expeditionsgreenland.gl, www.phaseone.com, www.greenland-travel.com, www.dmi.dk, airgreenland.com, www.stamps.gl, arcticexcursions.com, mit.dk, holbaek.dk, workindenmark.dk, traveltrade.visitgreenland.com, lifeindenmark.borger.dk
Targets from prev attack(0):
Dismissed Targets(18): socialistiskfolkeparti.dk, portofkalundborg.dk, www.nrg.dk, www.scangl.dk, www.qq.dk, www.borger.dk, www.karstensens.dk, www.dsb.dk, www.rn.dk, handelsretten.dk, www.transportministeriet.dk, copenhagensuborbitals.com, ntg.com, rigsadvokaten.dk, byret.dk, www.onlinebutik.dk, netbutik.postnord.dk, ringsted.dk

Detected attack on 2026-02-28_07-10-10

codabar@42de.it (Alfredo Terrone) — Sat, 28 Feb 2026 07:10:10 +0000

The attacks by noname057(16) primarily targeted Denmark, with various websites including government, transportation, and legal institutions. Notable sites attacked include ntg.com, the Danish Ministry of Transport, and several local Danish businesses and organizations.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): ntg.com, www.transportministeriet.dk, www.karstensens.dk, handelsretten.dk, rigsadvokaten.dk, www.dsb.dk, portofkalundborg.dk, copenhagensuborbitals.com, www.borger.dk, www.onlinebutik.dk, netbutik.postnord.dk, ringsted.dk, socialistiskfolkeparti.dk, www.scangl.dk, byret.dk, www.rn.dk, www.nrg.dk, www.qq.dk
Targets from prev attack(0):
Dismissed Targets(30): mit.nanoqmedia.gl, nuukwatertaxi.gl, albatros-arctic-circle.com, www.dr.dk, www.knr.gl, www.autokraz.com.ua, tochprilad.com, ingo.ua, rudersdal.dk, isg.gl, www.banken.gl, www.gronlandskehavnelods.dk, en.midtjyllandslufthavn.dk, stat.gl, www.materials.kiev.ua, merydian.kiev.ua, lansys.com.ua, www.kd-life.com.ua, www.rk.dk, systemtm.com, amstor.com, chezara-telemetria.com, govmin.gl, gentofte.dk, deviro.ua, eastgreenland.com, eia.com.ua, insk.com.ua, nanoqmedia.gl, www.ral.gl

Detected attack on 2026-02-27_16-30-11

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 16:30:11 +0000

Noname057(16) has targeted websites primarily from Greenland, Ukraine, and Denmark. The attacks include a mix of media, government, and commercial sites, indicating a broad interest in disrupting services across these regions. Notable countries under attack include Greenland, with multiple sites affected, alongside a significant number from Ukraine, highlighting ongoing cyber threats in these areas. Denmark also features prominently in the list of targeted sites.^{AI generated}
30 targets are under attack, 0 new targets and 30 targets from previous attack
New Targets(0):
Targets from prev attack(30): www.gronlandskehavnelods.dk, www.autokraz.com.ua, www.banken.gl, ingo.ua, chezara-telemetria.com, lansys.com.ua, nanoqmedia.gl, www.knr.gl, eastgreenland.com, www.ral.gl, www.rk.dk, www.materials.kiev.ua, amstor.com, merydian.kiev.ua, govmin.gl, gentofte.dk, deviro.ua, albatros-arctic-circle.com, www.kd-life.com.ua, eia.com.ua, isg.gl, insk.com.ua, rudersdal.dk, tochprilad.com, nuukwatertaxi.gl, systemtm.com, www.dr.dk, stat.gl, en.midtjyllandslufthavn.dk, mit.nanoqmedia.gl
Dismissed Targets(4): www.stamps.gl, traveltrade.visitgreenland.com, expeditionsgreenland.gl, arcticexcursions.com

Detected attack on 2026-02-27_13-20-09

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 13:20:09 +0000

The attacks attributed to noname057 primarily affected websites in Ukraine, Greenland, and Denmark. Key targets included Ukrainian sites like merydian.kiev.ua and amstor.com, as well as various Greenlandic sites such as albatros-arctic-circle.com and traveltrade.visitgreenland.com. Additionally, several Danish websites, including govmin.gl and dr.dk, were also compromised.^{AI generated}
34 targets are under attack, 0 new targets and 34 targets from previous attack
New Targets(0):
Targets from prev attack(34): albatros-arctic-circle.com, merydian.kiev.ua, amstor.com, traveltrade.visitgreenland.com, govmin.gl, isg.gl, eia.com.ua, www.ral.gl, en.midtjyllandslufthavn.dk, www.materials.kiev.ua, rudersdal.dk, www.dr.dk, ingo.ua, tochprilad.com, www.stamps.gl, www.rk.dk, www.banken.gl, www.gronlandskehavnelods.dk, stat.gl, www.autokraz.com.ua, eastgreenland.com, nanoqmedia.gl, lansys.com.ua, mit.nanoqmedia.gl, systemtm.com, insk.com.ua, arcticexcursions.com, gentofte.dk, expeditionsgreenland.gl, deviro.ua, www.knr.gl, chezara-telemetria.com, nuukwatertaxi.gl, www.kd-life.com.ua
Dismissed Targets(0):

Detected attack on 2026-02-27_11-10-08

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 11:10:08 +0000

Noname057(16) has targeted various websites across multiple countries, primarily focusing on Greenland, Denmark, and Ukraine. The attacks include a mix of tourism, government, and media sites, indicating a broad scope of interest in both local and international affairs. Key countries under attack are Greenland, Denmark, and Ukraine, showcasing a diverse range of sectors affected by these cyber threats.^{AI generated}
34 targets are under attack, 12 new targets and 22 targets from previous attack
New Targets(12): ingo.ua, eia.com.ua, chezara-telemetria.com, deviro.ua, www.materials.kiev.ua, tochprilad.com, insk.com.ua, www.autokraz.com.ua, lansys.com.ua, www.kd-life.com.ua, merydian.kiev.ua, amstor.com
Targets from prev attack(22): arcticexcursions.com, isg.gl, gentofte.dk, www.rk.dk, mit.nanoqmedia.gl, systemtm.com, www.stamps.gl, www.gronlandskehavnelods.dk, rudersdal.dk, www.knr.gl, stat.gl, www.banken.gl, eastgreenland.com, albatros-arctic-circle.com, nuukwatertaxi.gl, expeditionsgreenland.gl, en.midtjyllandslufthavn.dk, www.ral.gl, nanoqmedia.gl, traveltrade.visitgreenland.com, www.dr.dk, govmin.gl
Dismissed Targets(0):

Detected attack on 2026-02-27_11-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 11:05:09 +0000

The attacks attributed to noname057 primarily target websites in Greenland and Denmark. Affected sites include various local businesses, government entities, and media outlets, indicating a focus on both public and private sectors in these regions.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): arcticexcursions.com, govmin.gl, isg.gl, gentofte.dk, www.rk.dk, mit.nanoqmedia.gl, systemtm.com, www.stamps.gl, www.gronlandskehavnelods.dk, rudersdal.dk, stat.gl, www.banken.gl, eastgreenland.com, albatros-arctic-circle.com, nuukwatertaxi.gl, expeditionsgreenland.gl, en.midtjyllandslufthavn.dk, www.ral.gl, nanoqmedia.gl, traveltrade.visitgreenland.com, www.dr.dk, www.knr.gl
Dismissed Targets(0):

Detected attack on 2026-02-27_10-55-54

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 10:55:54 +0000

The attacks by noname057(16) primarily targeted websites in Greenland and Denmark. Key sectors affected include government services, transportation, tourism, and media. Notable sites include various Greenlandic government and tourism websites, as well as Danish regional and national platforms.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): www.banken.gl, nuukwatertaxi.gl, www.rk.dk, eastgreenland.com, nanoqmedia.gl, gentofte.dk, govmin.gl, albatros-arctic-circle.com, www.stamps.gl, www.gronlandskehavnelods.dk, systemtm.com, www.dr.dk, www.knr.gl, en.midtjyllandslufthavn.dk, mit.nanoqmedia.gl, rudersdal.dk, stat.gl, expeditionsgreenland.gl, arcticexcursions.com, isg.gl, www.ral.gl, traveltrade.visitgreenland.com
Dismissed Targets(0):

Detected attack on 2026-02-27_10-50-09

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 10:50:09 +0000

The attacks attributed to noname057 primarily target websites in Greenland and Denmark. Affected sites include various local government, media, and tourism-related platforms, highlighting a focus on regional infrastructure and services. Key countries under attack are Greenland and Denmark, with implications for both local governance and tourism sectors.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): www.ral.gl, systemtm.com, www.gronlandskehavnelods.dk, rudersdal.dk, nanoqmedia.gl, arcticexcursions.com, mit.nanoqmedia.gl, en.midtjyllandslufthavn.dk, www.stamps.gl, stat.gl, www.banken.gl, gentofte.dk, traveltrade.visitgreenland.com, govmin.gl, www.dr.dk, nuukwatertaxi.gl, eastgreenland.com, www.rk.dk, isg.gl, albatros-arctic-circle.com, expeditionsgreenland.gl, www.knr.gl
Dismissed Targets(0):

Detected attack on 2026-02-27_10-45-09

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 10:45:09 +0000

The attacks attributed to noname057(16) primarily target websites in Greenland and Denmark. Key sectors affected include government, media, tourism, and transportation. Notable sites include government portals, news organizations, and travel-related platforms, indicating a focus on critical infrastructure and public services in these regions.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): www.ral.gl, systemtm.com, www.gronlandskehavnelods.dk, rudersdal.dk, nanoqmedia.gl, mit.nanoqmedia.gl, arcticexcursions.com, en.midtjyllandslufthavn.dk, www.stamps.gl, stat.gl, www.banken.gl, gentofte.dk, traveltrade.visitgreenland.com, govmin.gl, www.dr.dk, nuukwatertaxi.gl, eastgreenland.com, www.rk.dk, isg.gl, albatros-arctic-circle.com, expeditionsgreenland.gl, www.knr.gl
Dismissed Targets(0):

Detected attack on 2026-02-27_07-10-07

codabar@42de.it (Alfredo Terrone) — Fri, 27 Feb 2026 07:10:07 +0000

Noname057(16) has targeted various websites primarily located in Greenland and Denmark. The attacks have affected tourism, government, and media sectors, highlighting the vulnerability of online platforms in these regions. Key countries under attack include Greenland and Denmark, with a focus on sites related to travel, local governance, and media services.^{AI generated}
22 targets are under attack, 22 new targets and 0 targets from previous attack
New Targets(22): albatros-arctic-circle.com, www.stamps.gl, arcticexcursions.com, systemtm.com, govmin.gl, www.banken.gl, rudersdal.dk, stat.gl, traveltrade.visitgreenland.com, nuukwatertaxi.gl, eastgreenland.com, www.dr.dk, en.midtjyllandslufthavn.dk, www.ral.gl, www.gronlandskehavnelods.dk, nanoqmedia.gl, expeditionsgreenland.gl, gentofte.dk, isg.gl, www.rk.dk, www.knr.gl, mit.nanoqmedia.gl
Targets from prev attack(0):
Dismissed Targets(27): workindenmark.dk, danskehavne.dk, adm.dp.gov.ua, www.aau.dk, lifeindenmark.borger.dk, mit.dk, anklagemyndigheden.dk, www.dmi.dk, www.bws.net, www.tinglysning.dk, advokatsamfundet.dk, mariupolrada.gov.ua, horsens.dk, www.vmr.gov.ua, www.dba.dk, www.rada-poltava.gov.ua, www.naestved.dk, awex.com.ua, loga.gov.ua, www.au.dk, www.sdu.dk, jobnet.dk, chervonyi.com.ua, zp.gov.ua, nyidanmark.dk, ens.dk, smr.gov.ua

Detected attack on 2026-02-26_12-45-10

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 12:45:10 +0000

The cyberattacks attributed to noname057(16) primarily target websites in Ukraine and Denmark. Key Ukrainian sites include various government and regional portals, such as mariupolrada.gov.ua and smr.gov.ua. In Denmark, multiple government and educational institutions are affected, including mit.dk, www.au.dk, and jobnet.dk. These attacks reflect a focus on both governmental and public service sectors in these countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.dba.dk, mariupolrada.gov.ua, mit.dk, lifeindenmark.borger.dk, www.vmr.gov.ua, advokatsamfundet.dk, smr.gov.ua, www.naestved.dk, zp.gov.ua, www.au.dk, www.tinglysning.dk, horsens.dk, www.dmi.dk, anklagemyndigheden.dk, www.aau.dk, workindenmark.dk, chervonyi.com.ua, jobnet.dk, danskehavne.dk, www.sdu.dk, awex.com.ua, www.rada-poltava.gov.ua, loga.gov.ua, www.bws.net, nyidanmark.dk, adm.dp.gov.ua, ens.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_12-40-10

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 12:40:10 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and Denmark. Key Ukrainian sites include various government and local authority pages such as mariupolrada.gov.ua and adm.dp.gov.ua. In Denmark, the attacks affect multiple domains related to public services and institutions, including lifeindenmark.borger.dk and jobnet.dk. Overall, Ukraine and Denmark are the main countries experiencing these cyber threats.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): mariupolrada.gov.ua, chervonyi.com.ua, loga.gov.ua, lifeindenmark.borger.dk, adm.dp.gov.ua, www.sdu.dk, anklagemyndigheden.dk, www.dmi.dk, danskehavne.dk, www.tinglysning.dk, www.vmr.gov.ua, nyidanmark.dk, zp.gov.ua, smr.gov.ua, www.bws.net, www.rada-poltava.gov.ua, www.dba.dk, awex.com.ua, advokatsamfundet.dk, horsens.dk, jobnet.dk, workindenmark.dk, ens.dk, www.naestved.dk, www.aau.dk, www.au.dk, mit.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_12-35-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 12:35:08 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and Denmark. Key Ukrainian sites include various government and regional platforms, such as mariupolrada.gov.ua and adm.dp.gov.ua. In Denmark, several educational and governmental sites like aau.dk, dmi.dk, and jobnet.dk are affected.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): mariupolrada.gov.ua, chervonyi.com.ua, loga.gov.ua, lifeindenmark.borger.dk, adm.dp.gov.ua, www.sdu.dk, anklagemyndigheden.dk, www.dmi.dk, danskehavne.dk, www.tinglysning.dk, www.vmr.gov.ua, zp.gov.ua, nyidanmark.dk, smr.gov.ua, www.bws.net, www.rada-poltava.gov.ua, www.dba.dk, awex.com.ua, advokatsamfundet.dk, horsens.dk, jobnet.dk, workindenmark.dk, ens.dk, www.naestved.dk, www.aau.dk, www.au.dk, mit.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_12-30-10

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 12:30:10 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Key Danish sites include government and educational institutions such as naestved.dk, jobnet.dk, and au.dk. In Ukraine, the attackers focus on local government websites like mariupolrada.gov.ua and adm.dp.gov.ua, as well as other regional platforms. This indicates a significant focus on both countries, with Denmark being targeted for its governmental and public services, while Ukraine faces attacks on its local governance and administrative sites.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.naestved.dk, jobnet.dk, www.dmi.dk, nyidanmark.dk, anklagemyndigheden.dk, www.au.dk, mariupolrada.gov.ua, lifeindenmark.borger.dk, awex.com.ua, chervonyi.com.ua, adm.dp.gov.ua, www.sdu.dk, workindenmark.dk, www.aau.dk, smr.gov.ua, loga.gov.ua, www.tinglysning.dk, danskehavne.dk, www.vmr.gov.ua, zp.gov.ua, horsens.dk, advokatsamfundet.dk, www.bws.net, www.dba.dk, mit.dk, www.rada-poltava.gov.ua, ens.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_12-15-38

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 12:15:38 +0000

Noname057(16) has targeted various websites primarily in Denmark and Ukraine. The main countries under attack include Denmark, with numerous sites such as naestved.dk, bws.net, and workindenmark.dk, and Ukraine, featuring sites like adm.dp.gov.ua, loga.gov.ua, and mariupolrada.gov.ua. The attacks span government, educational, and local municipal websites in these regions.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.naestved.dk, www.bws.net, jobnet.dk, danskehavne.dk, workindenmark.dk, adm.dp.gov.ua, loga.gov.ua, zp.gov.ua, mit.dk, www.au.dk, awex.com.ua, www.rada-poltava.gov.ua, www.vmr.gov.ua, www.tinglysning.dk, advokatsamfundet.dk, www.sdu.dk, ens.dk, www.dba.dk, www.dmi.dk, chervonyi.com.ua, horsens.dk, lifeindenmark.borger.dk, smr.gov.ua, www.aau.dk, nyidanmark.dk, anklagemyndigheden.dk, mariupolrada.gov.ua
Dismissed Targets(0):

Detected attack on 2026-02-26_12-00-10

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 12:00:10 +0000

The sites attacked by noname057 primarily belong to Denmark and Ukraine. Key targets include various government and educational institutions in Denmark, such as jobnet.dk and au.dk, as well as several Ukrainian government websites like loga.gov.ua and mariupolrada.gov.ua. This indicates a focus on both Danish and Ukrainian entities, highlighting the geopolitical tensions affecting these countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): jobnet.dk, danskehavne.dk, www.naestved.dk, anklagemyndigheden.dk, loga.gov.ua, zp.gov.ua, mariupolrada.gov.ua, www.au.dk, ens.dk, www.dba.dk, nyidanmark.dk, horsens.dk, www.rada-poltava.gov.ua, workindenmark.dk, advokatsamfundet.dk, www.aau.dk, www.tinglysning.dk, www.vmr.gov.ua, awex.com.ua, lifeindenmark.borger.dk, www.bws.net, chervonyi.com.ua, smr.gov.ua, www.dmi.dk, adm.dp.gov.ua, mit.dk, www.sdu.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_11-55-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 11:55:08 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Key Danish sites include jobnet.dk, danskehavne.dk, and au.dk, while Ukrainian targets encompass loga.gov.ua, zp.gov.ua, and mariupolrada.gov.ua. This indicates a focus on both governmental and employment-related platforms in these countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): jobnet.dk, danskehavne.dk, www.naestved.dk, anklagemyndigheden.dk, loga.gov.ua, zp.gov.ua, mariupolrada.gov.ua, www.au.dk, ens.dk, www.dba.dk, nyidanmark.dk, horsens.dk, www.rada-poltava.gov.ua, workindenmark.dk, advokatsamfundet.dk, www.aau.dk, www.tinglysning.dk, www.vmr.gov.ua, awex.com.ua, lifeindenmark.borger.dk, www.bws.net, chervonyi.com.ua, smr.gov.ua, adm.dp.gov.ua, www.dmi.dk, mit.dk, www.sdu.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_11-50-09

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 11:50:09 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and Denmark. Key Ukrainian sites include government and local authority platforms such as awex.com.ua, zp.gov.ua, and mariupolrada.gov.ua. In Denmark, the focus is on various governmental and educational institutions, including ens.dk, workindenmark.dk, and www.au.dk. The attacks reflect a concentrated effort on critical infrastructure in these two countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): awex.com.ua, zp.gov.ua, ens.dk, workindenmark.dk, chervonyi.com.ua, www.tinglysning.dk, www.aau.dk, danskehavne.dk, www.au.dk, smr.gov.ua, lifeindenmark.borger.dk, advokatsamfundet.dk, loga.gov.ua, www.naestved.dk, www.dmi.dk, www.dba.dk, anklagemyndigheden.dk, mariupolrada.gov.ua, www.vmr.gov.ua, mit.dk, www.sdu.dk, horsens.dk, jobnet.dk, www.bws.net, www.rada-poltava.gov.ua, adm.dp.gov.ua, nyidanmark.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_11-15-09

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 11:15:09 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Key Danish sites include jobnet.dk, advokatsamfundet.dk, and aau.dk, while notable Ukrainian targets consist of chervonyi.com.ua, loga.gov.ua, and zp.gov.ua. This indicates a focus on both public services and governmental institutions in these two countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): jobnet.dk, advokatsamfundet.dk, chervonyi.com.ua, www.aau.dk, loga.gov.ua, danskehavne.dk, ens.dk, www.naestved.dk, www.au.dk, mit.dk, www.bws.net, www.sdu.dk, zp.gov.ua, awex.com.ua, www.rada-poltava.gov.ua, workindenmark.dk, adm.dp.gov.ua, lifeindenmark.borger.dk, www.dmi.dk, smr.gov.ua, anklagemyndigheden.dk, mariupolrada.gov.ua, www.dba.dk, www.tinglysning.dk, www.vmr.gov.ua, nyidanmark.dk, horsens.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_11-10-09

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 11:10:09 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and Denmark. Key Ukrainian sites include government and municipal platforms such as zp.gov.ua, smr.gov.ua, and mariupolrada.gov.ua. In Denmark, the attacks focus on various institutions including educational websites like au.dk and a range of governmental services such as anklagemyndigheden.dk and jobnet.dk.^{AI generated}
27 targets are under attack, 3 new targets and 24 targets from previous attack
New Targets(3): smr.gov.ua, www.rada-poltava.gov.ua, mariupolrada.gov.ua
Targets from prev attack(24): zp.gov.ua, anklagemyndigheden.dk, www.bws.net, www.au.dk, advokatsamfundet.dk, horsens.dk, workindenmark.dk, www.sdu.dk, www.dba.dk, www.vmr.gov.ua, mit.dk, adm.dp.gov.ua, lifeindenmark.borger.dk, chervonyi.com.ua, www.tinglysning.dk, ens.dk, loga.gov.ua, www.dmi.dk, www.naestved.dk, www.aau.dk, danskehavne.dk, nyidanmark.dk, jobnet.dk, awex.com.ua
Dismissed Targets(0):

Detected attack on 2026-02-26_11-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 11:05:08 +0000

The attacks by noname057(16) primarily targeted websites in Ukraine and Denmark. Key Ukrainian sites include zp.gov.ua, vmr.gov.ua, adm.dp.gov.ua, lifeindenmark.borger.dk, and chervonyi.com.ua. In Denmark, notable targets include anklagemyndigheden.dk, bws.net, au.dk, advokatsamfundet.dk, horsens.dk, workindenmark.dk, sdu.dk, mit.dk, tinglysning.dk, ens.dk, dmi.dk, naestved.dk, aau.dk, danskehavne.dk, and jobnet.dk.^{AI generated}
24 targets are under attack, 6 new targets and 18 targets from previous attack
New Targets(6): zp.gov.ua, loga.gov.ua, adm.dp.gov.ua, chervonyi.com.ua, www.vmr.gov.ua, awex.com.ua
Targets from prev attack(18): ens.dk, advokatsamfundet.dk, www.naestved.dk, danskehavne.dk, www.dmi.dk, horsens.dk, nyidanmark.dk, anklagemyndigheden.dk, lifeindenmark.borger.dk, workindenmark.dk, www.aau.dk, www.sdu.dk, www.dba.dk, jobnet.dk, www.tinglysning.dk, www.bws.net, www.au.dk, mit.dk
Dismissed Targets(0):

Detected attack on 2026-02-26_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 26 Feb 2026 07:10:08 +0000

Noname057(16) has targeted various websites primarily in Denmark. The attacked sites include government portals, educational institutions, and job-related platforms, indicating a focus on critical infrastructure within the country.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): www.naestved.dk, www.au.dk, www.sdu.dk, jobnet.dk, workindenmark.dk, www.tinglysning.dk, advokatsamfundet.dk, mit.dk, horsens.dk, anklagemyndigheden.dk, nyidanmark.dk, www.bws.net, danskehavne.dk, www.aau.dk, ens.dk, www.dba.dk, lifeindenmark.borger.dk, www.dmi.dk
Targets from prev attack(0):
Dismissed Targets(28): phoenix-s.com.ua, aeroprakt.kiev.ua, www.airports.gl, oib.com.ua, e-commerce.airgreenland.com, www.faxekommune.dk, sikuki.gl, solrod.dk, ral.gl, tor-safety.com, www.hillerod.dk, www.diskoline.gl, eng.navigation.gl, kruk.company, bezpeka.ua, www.guldborgsund.dk, www.koege.dk, www.roskilde.dk, www.lolland.dk, visitgreenland.com, ohorona-bezpeka.com, www.greenland-travel.com, stevns.dk, ufpb.kiev.ua, holbaek.dk, bus.gl, airgreenland.com, vertol.com.ua

Detected attack on 2026-02-25_11-05-12

codabar@42de.it (Alfredo Terrone) — Wed, 25 Feb 2026 11:05:12 +0000

Noname057(16) has targeted various websites primarily located in Greenland, Denmark, and Ukraine. Key countries under attack include Greenland, with multiple sites such as airports.gl and visitgreenland.com, Denmark, featuring websites like hillerod.dk and solrod.dk, and Ukraine, with targets including bezpeka.ua and aeroprakt.kiev.ua.^{AI generated}
28 targets are under attack, 9 new targets and 19 targets from previous attack
New Targets(9): tor-safety.com, kruk.company, ohorona-bezpeka.com, aeroprakt.kiev.ua, oib.com.ua, phoenix-s.com.ua, bezpeka.ua, vertol.com.ua, ufpb.kiev.ua
Targets from prev attack(19): www.diskoline.gl, ral.gl, holbaek.dk, www.airports.gl, www.hillerod.dk, www.faxekommune.dk, airgreenland.com, visitgreenland.com, www.greenland-travel.com, eng.navigation.gl, www.lolland.dk, e-commerce.airgreenland.com, www.koege.dk, bus.gl, stevns.dk, sikuki.gl, solrod.dk, www.guldborgsund.dk, www.roskilde.dk
Dismissed Targets(0):

Detected attack on 2026-02-25_07-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 25 Feb 2026 07:05:09 +0000

The attacks attributed to noname057 primarily target websites in Greenland and Denmark. Key sites affected include various regional and tourism-related platforms, such as visitgreenland.com and airgreenland.com, as well as local government and municipality sites like holbaek.dk and lolland.dk. The focus appears to be on both public services and travel-related entities in these countries.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): bus.gl, holbaek.dk, eng.navigation.gl, www.lolland.dk, visitgreenland.com, solrod.dk, airgreenland.com, www.koege.dk, www.faxekommune.dk, www.guldborgsund.dk, www.airports.gl, e-commerce.airgreenland.com, stevns.dk, www.roskilde.dk, ral.gl, www.hillerod.dk, www.diskoline.gl, sikuki.gl, www.greenland-travel.com
Targets from prev attack(0):
Dismissed Targets(19): www.nationalbanken.dk, www.fmn.dk, www.regionoest.dk, www.transportministeriet.dk, www.smyril-line.com, www.onlinebutik.dk, portofkalundborg.dk, orsted.dk, orsted.com, accountant.dk, www.dsb.dk, www.hplush.com, nordicshipping.csl-consult.dk, www.forsvaret.dk, fm.dk, www.arla.com, www.qq.dk, www.karstensens.dk, www.phaseone.com

Detected attack on 2026-02-24_07-05-12

codabar@42de.it (Alfredo Terrone) — Tue, 24 Feb 2026 07:05:12 +0000

The attack by noname057(16) primarily targeted Denmark, with numerous sites related to government, transportation, and industry being affected. Key entities include the Danish Armed Forces, various transportation companies, and major corporations like Ørsted and Arla. The focus on these sites indicates a significant threat to national infrastructure and corporate operations within Denmark.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.forsvaret.dk, www.phaseone.com, www.smyril-line.com, portofkalundborg.dk, orsted.com, www.arla.com, www.hplush.com, www.transportministeriet.dk, accountant.dk, fm.dk, www.dsb.dk, www.nationalbanken.dk, www.fmn.dk, www.onlinebutik.dk, nordicshipping.csl-consult.dk, www.regionoest.dk, orsted.dk, www.qq.dk, www.karstensens.dk
Targets from prev attack(0):
Dismissed Targets(18): byret.dk, www.scangl.dk, www.nrg.dk, borgernesparti.dk, rigsadvokaten.dk, handelsretten.dk, netbutik.postnord.dk, energinet.dk, www.borger.dk, login.konservative.dk, www.rn.dk, ringsted.dk, radikalevenstre.dk, konservative.dk, copenhagensuborbitals.com, socialistiskfolkeparti.dk, www.taarnby.dk, ntg.com

Detected attack on 2026-02-23_07-05-07

codabar@42de.it (Alfredo Terrone) — Mon, 23 Feb 2026 07:05:07 +0000

The sites attacked by noname057 primarily belong to Denmark, indicating a focus on Danish political, legal, and commercial entities. Key targets include political parties, municipal websites, and various organizations, reflecting a potential interest in disrupting local governance and political discourse.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): copenhagensuborbitals.com, borgernesparti.dk, ringsted.dk, radikalevenstre.dk, www.borger.dk, netbutik.postnord.dk, www.scangl.dk, www.rn.dk, handelsretten.dk, ntg.com, energinet.dk, socialistiskfolkeparti.dk, www.nrg.dk, login.konservative.dk, byret.dk, rigsadvokaten.dk, www.taarnby.dk, konservative.dk
Targets from prev attack(0):
Dismissed Targets(16): www.advens.com, www.tibagroup.com, www.gva.es, www.cabeza.com, web.larioja.org, www.teldat.com, www.authusb.net, www.cleceseguridad.com, administracion.gob.es, eme-es.com, www.silescb.com, santiagodecompostela.gal, www.axians.es, www.navarra.es, representantesaduaneros.com, www.trablisa.es

Detected attack on 2026-02-22_07-05-08

codabar@42de.it (Alfredo Terrone) — Sun, 22 Feb 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Spain, affecting government and regional sites such as administracion.gob.es and gva.es, as well as private companies like axians.es and cleceseguridad.com. The attacks also extend to other domains like teldat.com and tibagroup.com, indicating a focus on both public and private sectors within the country.^{AI generated}
16 targets are under attack, 16 new targets and 0 targets from previous attack
New Targets(16): administracion.gob.es, www.silescb.com, www.navarra.es, www.axians.es, www.trablisa.es, www.cleceseguridad.com, eme-es.com, www.teldat.com, www.cabeza.com, santiagodecompostela.gal, www.advens.com, www.tibagroup.com, representantesaduaneros.com, www.gva.es, www.authusb.net, web.larioja.org
Targets from prev attack(0):
Dismissed Targets(14): id.coruna.gal, comunicacion.diputaciondevalladolid.es, www.talgo.com, www.elcasco1920.com, www.transportepublico.es, www.turgranada.es, www.coruna.gal, www.parcan.es, www.palma.es, www.hacienda.gob.es, energia.imdea.org, www.legebiltzarra.eus, www.tramalacant.es, web.murcia.es

Detected attack on 2026-02-22_06-10-08

codabar@42de.it (Alfredo Terrone) — Sun, 22 Feb 2026 06:10:08 +0000

The attacks by noname057 primarily targeted websites in Spain. Key sites affected include those belonging to local government entities, public transportation, and energy organizations. Notable regions under attack include Galicia, Murcia, and Andalusia, with a focus on municipal and regional services.^{AI generated}
14 targets are under attack, 0 new targets and 14 targets from previous attack
New Targets(0):
Targets from prev attack(14): id.coruna.gal, www.tramalacant.es, www.palma.es, www.transportepublico.es, energia.imdea.org, www.elcasco1920.com, www.hacienda.gob.es, www.parcan.es, www.talgo.com, comunicacion.diputaciondevalladolid.es, www.coruna.gal, web.murcia.es, www.legebiltzarra.eus, www.turgranada.es
Dismissed Targets(1): metropolitanogranada.es

Detected attack on 2026-02-21_07-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 21 Feb 2026 07:10:08 +0000

The sites attacked by noname057 include various domains primarily from Spain. Key targets include government and municipal websites such as id.coruna.gal, energia.imdea.org, and www.hacienda.gob.es. Other notable attacks were on tourism and transportation sites like www.turgranada.es and www.transportepublico.es. The attacks demonstrate a focus on Spanish institutions and public services.^{AI generated}
15 targets are under attack, 0 new targets and 15 targets from previous attack
New Targets(0):
Targets from prev attack(15): energia.imdea.org, id.coruna.gal, www.legebiltzarra.eus, www.tramalacant.es, www.coruna.gal, www.parcan.es, web.murcia.es, www.turgranada.es, www.elcasco1920.com, comunicacion.diputaciondevalladolid.es, metropolitanogranada.es, www.talgo.com, www.hacienda.gob.es, www.palma.es, www.transportepublico.es
Dismissed Targets(21): www.ufd.es, www.nedgia.es, www.transgesa.es, gasnam.es, eidas.izenpe.com, www.gasrenovable.org, www.toledo.es, emtre.es, aul.gl, qeqertalik.gl, kujalleq.gl, www.logista.com, areaprivada.ufd.es, avannaata.gl, www.fundacionnaturgy.org, sermersooq.gl, naalakkersuisut.gl, sede.toledo.es, diskoline.gl, www.globalpower-generation.com, qeqqata.gl

Detected attack on 2026-02-21_07-05-08

codabar@42de.it (Alfredo Terrone) — Sat, 21 Feb 2026 07:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Spain, with notable focus on regional and governmental entities. The principal countries under attack include Spain, as evidenced by the numerous Spanish domains such as www.ufd.es, www.parcan.es, and www.hacienda.gob.es. Additionally, there are several sites from Greenland, indicated by the presence of .gl domains like kujalleq.gl and sermersooq.gl. Overall, the attacks reflect a concentrated effort against Spanish institutions and some Greenlandic entities.^{AI generated}
36 targets are under attack, 15 new targets and 21 targets from previous attack
New Targets(15): id.coruna.gal, energia.imdea.org, www.legebiltzarra.eus, www.tramalacant.es, www.parcan.es, web.murcia.es, www.coruna.gal, www.turgranada.es, www.elcasco1920.com, comunicacion.diputaciondevalladolid.es, metropolitanogranada.es, www.talgo.com, www.hacienda.gob.es, www.palma.es, www.transportepublico.es
Targets from prev attack(21): www.ufd.es, www.nedgia.es, www.transgesa.es, gasnam.es, eidas.izenpe.com, www.gasrenovable.org, www.toledo.es, emtre.es, aul.gl, qeqertalik.gl, www.logista.com, areaprivada.ufd.es, kujalleq.gl, avannaata.gl, www.fundacionnaturgy.org, sermersooq.gl, naalakkersuisut.gl, sede.toledo.es, diskoline.gl, www.globalpower-generation.com, qeqqata.gl
Dismissed Targets(9): www.inatsisartut.gl, www.apc.es, www.sedigas.es, www.ombudsmand.gl, www.sullissivik.gl, www.bilbao.eus, www.palmasport.es, licitaciones.canaldeisabelsegunda.es, srm.canaldeisabelsegunda.es

Detected attack on 2026-02-20_11-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 20 Feb 2026 11:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Spain and Greenland. Key sectors affected include energy, public services, and local government. Notable sites include those related to natural gas, renewable energy, and municipal services. The attacks highlight a growing trend in cyber threats against critical infrastructure in these regions.^{AI generated}
30 targets are under attack, 11 new targets and 19 targets from previous attack
New Targets(11): qeqqata.gl, naalakkersuisut.gl, www.sullissivik.gl, avannaata.gl, aul.gl, diskoline.gl, kujalleq.gl, sermersooq.gl, www.ombudsmand.gl, qeqertalik.gl, www.inatsisartut.gl
Targets from prev attack(19): www.fundacionnaturgy.org, www.gasrenovable.org, licitaciones.canaldeisabelsegunda.es, www.bilbao.eus, www.toledo.es, areaprivada.ufd.es, www.nedgia.es, www.sedigas.es, www.logista.com, www.ufd.es, sede.toledo.es, gasnam.es, emtre.es, eidas.izenpe.com, www.palmasport.es, www.apc.es, srm.canaldeisabelsegunda.es, www.transgesa.es, www.globalpower-generation.com
Dismissed Targets(0):

Detected attack on 2026-02-20_08-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 20 Feb 2026 08:05:09 +0000

The attacks by noname057 primarily targeted websites in Spain, affecting various sectors including energy, public services, and local government. Notable sites include gasnam.es, srm.canaldeisabelsegunda.es, and toledo.es, showcasing a focus on infrastructure and utilities. Other affected entities include private companies and foundations, indicating a broad range of interests in the cyber assault.^{AI generated}
19 targets are under attack, 0 new targets and 19 targets from previous attack
New Targets(0):
Targets from prev attack(19): gasnam.es, www.ufd.es, srm.canaldeisabelsegunda.es, www.palmasport.es, sede.toledo.es, www.sedigas.es, eidas.izenpe.com, areaprivada.ufd.es, www.bilbao.eus, www.transgesa.es, licitaciones.canaldeisabelsegunda.es, www.globalpower-generation.com, www.apc.es, www.toledo.es, www.gasrenovable.org, emtre.es, www.nedgia.es, www.logista.com, www.fundacionnaturgy.org
Dismissed Targets(6): start-ni-mitte.de, www.nah.sh, www.l.de, www.vbb.de, www.vmv.de, frontend-api.sbahn-hannover.de

Detected attack on 2026-02-20_07-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 20 Feb 2026 07:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Spain and Germany. Key sectors affected include energy, environmental organizations, and public services. Notable sites include gasnam.es and fundacionnaturgy.org from Spain, as well as sbahn-hannover.de and vbb.de from Germany. The attacks indicate a focus on critical infrastructure and public utilities.^{AI generated}
25 targets are under attack, 19 new targets and 6 targets from previous attack
New Targets(19): gasnam.es, www.fundacionnaturgy.org, www.palmasport.es, www.logista.com, areaprivada.ufd.es, sede.toledo.es, eidas.izenpe.com, www.nedgia.es, www.globalpower-generation.com, www.transgesa.es, srm.canaldeisabelsegunda.es, www.sedigas.es, www.gasrenovable.org, www.bilbao.eus, www.apc.es, www.ufd.es, www.toledo.es, licitaciones.canaldeisabelsegunda.es, emtre.es
Targets from prev attack(6): www.vmv.de, frontend-api.sbahn-hannover.de, start-ni-mitte.de, www.nah.sh, www.vbb.de, www.l.de
Dismissed Targets(20): www.interglobo.net, www.advens.com, vcbalarm.es, www.tibagroup.com, www.authusb.net, web.larioja.org, www.cabeza.com, www.bahn.de, contratacioncentralizada.gob.es, www.cleceseguridad.com, ww2.aiaf.es, www.jtsec.es, eme-es.com, www.trablisa.es, ciberso.com, revistasic.es, www.silescb.com, www.totallogistic.es, www.navarra.es, epicom.es

Detected attack on 2026-02-19_10-15-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 10:15:08 +0000

Noname057(16) has targeted various websites across multiple countries. The principal countries under attack include Germany, with sites like sbahn-hannover.de and bahn.de; Spain, featuring vbb.de, totallogistic.es, and contratacioncentralizada.gob.es; and other regions represented by sites such as advens.com and interglobo.net. This indicates a broad range of interests and potential motivations behind the attacks.^{AI generated}
26 targets are under attack, 1 new targets and 25 targets from previous attack
New Targets(1): www.bahn.de
Targets from prev attack(25): frontend-api.sbahn-hannover.de, www.vbb.de, www.advens.com, www.cabeza.com, www.l.de, vcbalarm.es, www.jtsec.es, www.totallogistic.es, www.cleceseguridad.com, ww2.aiaf.es, ciberso.com, revistasic.es, www.navarra.es, www.nah.sh, start-ni-mitte.de, epicom.es, www.interglobo.net, www.vmv.de, www.silescb.com, eme-es.com, contratacioncentralizada.gob.es, www.authusb.net, www.trablisa.es, www.tibagroup.com, web.larioja.org
Dismissed Targets(0):

Detected attack on 2026-02-19_09-55-10

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 09:55:10 +0000

The attacks attributed to noname057(16) primarily targeted websites in Spain and Germany. Notable Spanish sites include interglobo.net, totallogistic.es, and navarra.es, while German targets include vbb.de and vmv.de. Other affected countries include minor representations from the Netherlands and the United States, as indicated by sites like l.de and authusb.net. Overall, the campaign highlights a focus on logistics, transportation, and regional government entities.^{AI generated}
25 targets are under attack, 6 new targets and 19 targets from previous attack
New Targets(6): start-ni-mitte.de, www.vmv.de, www.vbb.de, frontend-api.sbahn-hannover.de, www.l.de, www.nah.sh
Targets from prev attack(19): www.interglobo.net, www.totallogistic.es, www.navarra.es, eme-es.com, revistasic.es, www.trablisa.es, www.tibagroup.com, ww2.aiaf.es, www.jtsec.es, www.advens.com, www.authusb.net, www.cleceseguridad.com, contratacioncentralizada.gob.es, ciberso.com, www.silescb.com, www.cabeza.com, vcbalarm.es, epicom.es, web.larioja.org
Dismissed Targets(0):

Detected attack on 2026-02-19_07-20-07

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 07:20:07 +0000

The sites attacked by noname057(16) primarily belong to Spain, indicating a focus on Spanish governmental and business entities. The targeted websites include those related to public administration, logistics, security, and various service providers, highlighting a significant threat landscape within the country.^{AI generated}
19 targets are under attack, 5 new targets and 14 targets from previous attack
New Targets(5): www.authusb.net, epicom.es, ciberso.com, revistasic.es, www.jtsec.es
Targets from prev attack(14): www.advens.com, contratacioncentralizada.gob.es, ww2.aiaf.es, www.cabeza.com, eme-es.com, www.totallogistic.es, www.navarra.es, www.cleceseguridad.com, vcbalarm.es, www.tibagroup.com, www.trablisa.es, www.silescb.com, web.larioja.org, www.interglobo.net
Dismissed Targets(0):

Detected attack on 2026-02-19_07-15-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 07:15:08 +0000

Noname057(16) has targeted various websites primarily in Spain. The attacked sites include government portals such as contratacioncentralizada.gob.es and regional sites like navarra.es and web.larioja.org. Additionally, several private companies from different sectors, including logistics and security, were affected, such as totallogistic.es and cleceseguridad.com. Overall, Spain is the main country under attack in this campaign.^{AI generated}
14 targets are under attack, 2 new targets and 12 targets from previous attack
New Targets(2): www.advens.com, eme-es.com
Targets from prev attack(12): contratacioncentralizada.gob.es, ww2.aiaf.es, www.cabeza.com, www.totallogistic.es, www.navarra.es, www.cleceseguridad.com, vcbalarm.es, www.tibagroup.com, www.trablisa.es, www.silescb.com, web.larioja.org, www.interglobo.net
Dismissed Targets(0):

Detected attack on 2026-02-19_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 07:10:08 +0000

Noname057(16) has targeted various websites primarily from Spain. Key sectors affected include logistics, security, and government services. The attacks have impacted sites such as Silescb, Cabeza, Trablisa, Interglobo, and several others, indicating a focused effort on Spanish organizations and institutions.^{AI generated}
12 targets are under attack, 2 new targets and 10 targets from previous attack
New Targets(2): www.interglobo.net, www.totallogistic.es
Targets from prev attack(10): www.silescb.com, www.cabeza.com, www.trablisa.es, www.cleceseguridad.com, contratacioncentralizada.gob.es, vcbalarm.es, web.larioja.org, www.navarra.es, ww2.aiaf.es, www.tibagroup.com
Dismissed Targets(0):

Detected attack on 2026-02-19_07-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Spain, including companies and governmental organizations. The attacked sites include Silescb, Cabeza, Trablisa, Cleceseguridad, and others, indicating a focus on both private and public sectors within the country.^{AI generated}
10 targets are under attack, 10 new targets and 0 targets from previous attack
New Targets(10): www.silescb.com, www.cabeza.com, www.trablisa.es, www.cleceseguridad.com, contratacioncentralizada.gob.es, vcbalarm.es, web.larioja.org, www.navarra.es, ww2.aiaf.es, www.tibagroup.com
Targets from prev attack(0):
Dismissed Targets(32): www.mjusticia.gob.es, tks.sumy.ua, www.jtsec.es, skm.com.ua, ejercitodelaireydelespacio.defensa.gob.es, ejercito.defensa.gob.es, www.ccn.cni.es, s2grupo.es, armada.defensa.gob.es, emad.defensa.gob.es, megaprostir.net, z.skm.com.ua, zbx.skm.com.ua, www.ccn-cert.cni.es, sede.agenciatributaria.gob.es, mumken.es, contrataciondelestado.es, rns.ccn-cert.cni.es, administracion.gob.es, triolan.com, sitv.com.ua, online.sumy.ua, www.axians.es, home.l4.ua, www.cni.es, www.teldat.com, l4.ua, representantesaduaneros.com, planderecuperacion.gob.es, www.dsn.gob.es, www.shtorm.net, www.defensa.gob.es

Detected attack on 2026-02-19_07-00-11

codabar@42de.it (Alfredo Terrone) — Thu, 19 Feb 2026 07:00:11 +0000

The attacks attributed to noname057(16) primarily targeted websites in Spain and Ukraine. Key sectors affected include government agencies, defense, and telecommunications. Notable Spanish sites include planderecuperacion.gob.es and administracion.gob.es, while Ukrainian targets include zbx.skm.com.ua and online.sumy.ua. The attacks highlight a focus on critical infrastructure and public services in these countries.^{AI generated}
32 targets are under attack, 0 new targets and 32 targets from previous attack
New Targets(0):
Targets from prev attack(32): planderecuperacion.gob.es, www.axians.es, zbx.skm.com.ua, www.teldat.com, tks.sumy.ua, s2grupo.es, contrataciondelestado.es, megaprostir.net, online.sumy.ua, administracion.gob.es, sitv.com.ua, rns.ccn-cert.cni.es, home.l4.ua, www.dsn.gob.es, www.defensa.gob.es, skm.com.ua, ejercito.defensa.gob.es, www.mjusticia.gob.es, ejercitodelaireydelespacio.defensa.gob.es, z.skm.com.ua, www.shtorm.net, sede.agenciatributaria.gob.es, representantesaduaneros.com, armada.defensa.gob.es, www.ccn.cni.es, triolan.com, www.ccn-cert.cni.es, mumken.es, l4.ua, emad.defensa.gob.es, www.cni.es, www.jtsec.es
Dismissed Targets(1): contratacioncentralizada.gob.es

Detected attack on 2026-02-18_11-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 18 Feb 2026 11:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in Spain and Ukraine. Key sectors affected include government agencies, defense, and telecommunications. Notable Spanish sites include various government and defense-related domains, while Ukrainian targets include local services and online platforms.^{AI generated}
33 targets are under attack, 11 new targets and 22 targets from previous attack
New Targets(11): home.l4.ua, sitv.com.ua, skm.com.ua, online.sumy.ua, megaprostir.net, z.skm.com.ua, tks.sumy.ua, zbx.skm.com.ua, l4.ua, www.shtorm.net, triolan.com
Targets from prev attack(22): www.dsn.gob.es, s2grupo.es, www.ccn-cert.cni.es, www.ccn.cni.es, www.teldat.com, sede.agenciatributaria.gob.es, ejercito.defensa.gob.es, www.cni.es, administracion.gob.es, rns.ccn-cert.cni.es, mumken.es, www.mjusticia.gob.es, planderecuperacion.gob.es, contrataciondelestado.es, ejercitodelaireydelespacio.defensa.gob.es, www.jtsec.es, representantesaduaneros.com, armada.defensa.gob.es, www.defensa.gob.es, emad.defensa.gob.es, contratacioncentralizada.gob.es, www.axians.es
Dismissed Targets(0):

Detected attack on 2026-02-18_07-05-20

codabar@42de.it (Alfredo Terrone) — Wed, 18 Feb 2026 07:05:20 +0000

Noname057(16) has targeted various websites primarily in Spain, indicating a focus on Spanish governmental and military institutions. The attacked sites include those related to defense, tax agencies, and public administration, highlighting vulnerabilities in critical infrastructure within the country.^{AI generated}
22 targets are under attack, 22 new targets and 0 targets from previous attack
New Targets(22): mumken.es, www.defensa.gob.es, ejercitodelaireydelespacio.defensa.gob.es, representantesaduaneros.com, www.jtsec.es, contratacioncentralizada.gob.es, www.cni.es, ejercito.defensa.gob.es, planderecuperacion.gob.es, sede.agenciatributaria.gob.es, rns.ccn-cert.cni.es, www.ccn.cni.es, emad.defensa.gob.es, www.teldat.com, armada.defensa.gob.es, www.ccn-cert.cni.es, www.mjusticia.gob.es, www.axians.es, www.dsn.gob.es, contrataciondelestado.es, administracion.gob.es, s2grupo.es
Targets from prev attack(0):
Dismissed Targets(28): www.parlament.cat, www.vmr.gov.ua, www.xunta.gal, www.rada-poltava.gov.ua, www.talgo.com, smr.gov.ua, www.palma.es, www.hacienda.gob.es, www.parlamentodeandalucia.es, web.murcia.es, loga.gov.ua, www.bolsasymercados.es, comunicacion.diputaciondevalladolid.es, www.parlamentodegalicia.es, www.asturias.es, www.juntadeandalucia.es, adm.dp.gov.ua, zp.gov.ua, www.asambleamadrid.es, mariupolrada.gov.ua, www.euskadi.eus, www.diputaciolleida.cat, chervonyi.com.ua, www.gva.es, santiagodecompostela.gal, awex.com.ua, www.atresmedia.com, www.enaire.es

Detected attack on 2026-02-18_06-05-07

codabar@42de.it (Alfredo Terrone) — Wed, 18 Feb 2026 06:05:07 +0000

The attacks by noname057(16) primarily targeted websites in Spain and Ukraine. Key Spanish sites include various regional government and parliamentary websites, such as www.parlament.cat, www.gva.es, and www.juntadeandalucia.es. In Ukraine, the attacks focused on government and municipal sites like smr.gov.ua and mariupolrada.gov.ua. Overall, the campaign highlights significant cyber threats to both Spanish and Ukrainian digital infrastructures.^{AI generated}
28 targets are under attack, 0 new targets and 28 targets from previous attack
New Targets(0):
Targets from prev attack(28): www.parlament.cat, www.gva.es, www.palma.es, smr.gov.ua, comunicacion.diputaciondevalladolid.es, chervonyi.com.ua, www.juntadeandalucia.es, www.asturias.es, www.diputaciolleida.cat, loga.gov.ua, adm.dp.gov.ua, www.xunta.gal, www.rada-poltava.gov.ua, www.hacienda.gob.es, www.parlamentodegalicia.es, www.atresmedia.com, mariupolrada.gov.ua, www.vmr.gov.ua, www.parlamentodeandalucia.es, www.bolsasymercados.es, awex.com.ua, www.enaire.es, www.asambleamadrid.es, www.euskadi.eus, santiagodecompostela.gal, www.talgo.com, zp.gov.ua, web.murcia.es
Dismissed Targets(2): portal.mineco.gob.es, www.jgpa.es

Detected attack on 2026-02-17_11-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Feb 2026 11:05:08 +0000

The attacks attributed to noname057 primarily target websites from Ukraine, Spain, and regional governments within these countries. Key Ukrainian sites include chervonyi.com.ua and various government portals like adm.dp.gov.ua and mariupolrada.gov.ua. In Spain, the focus is on regional and governmental sites such as www.parlament.cat, www.juntadeandalucia.es, and www.hacienda.gob.es. The attacks reflect a significant interest in disrupting governmental and institutional communications in these regions.^{AI generated}
30 targets are under attack, 9 new targets and 21 targets from previous attack
New Targets(9): chervonyi.com.ua, www.rada-poltava.gov.ua, loga.gov.ua, adm.dp.gov.ua, www.vmr.gov.ua, awex.com.ua, mariupolrada.gov.ua, zp.gov.ua, smr.gov.ua
Targets from prev attack(21): www.parlament.cat, www.euskadi.eus, portal.mineco.gob.es, www.talgo.com, www.juntadeandalucia.es, www.parlamentodeandalucia.es, comunicacion.diputaciondevalladolid.es, www.gva.es, www.bolsasymercados.es, www.jgpa.es, www.palma.es, www.atresmedia.com, www.asambleamadrid.es, www.asturias.es, www.parlamentodegalicia.es, www.diputaciolleida.cat, www.xunta.gal, web.murcia.es, www.hacienda.gob.es, www.enaire.es, santiagodecompostela.gal
Dismissed Targets(0):

Detected attack on 2026-02-17_07-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 17 Feb 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target Spanish government and media websites. Key countries under attack include Spain, as evidenced by the focus on various regional government sites, national institutions, and media outlets. The targeted sites include portals from the Ministry of Economic Affairs, regional governments of Andalusia and Galicia, as well as media organizations like Atresmedia.^{AI generated}
21 targets are under attack, 20 new targets and 1 targets from previous attack
New Targets(20): www.juntadeandalucia.es, www.hacienda.gob.es, www.atresmedia.com, www.asturias.es, www.parlamentodeandalucia.es, www.jgpa.es, www.enaire.es, www.talgo.com, santiagodecompostela.gal, www.parlamentodegalicia.es, www.gva.es, www.diputaciolleida.cat, www.palma.es, comunicacion.diputaciondevalladolid.es, www.euskadi.eus, www.asambleamadrid.es, www.bolsasymercados.es, web.murcia.es, www.parlament.cat, www.xunta.gal
Targets from prev attack(1): portal.mineco.gob.es
Dismissed Targets(32): www.turismo.gal, vertol.com.ua, vsenergy.com.ua, aeroprakt.kiev.ua, flashback.org, www.metroligero-oeste.es, www.legebiltzarra.eus, tec.dp.ua, www.sedigas.es, bahnhof.cloud, www.bahnhof.se, bahnhof.se, www.turgranada.es, metromalaga.es, www.metrovalencia.es, www.emtmadrid.es, nadu.com.ua, www.ulf.com.ua, energia.imdea.org, www.elcasco1920.com, www.cortsvalencianes.es, socibusventas.es, www.transportepublico.es, www.parcan.es, tor-safety.com, agro-ukraine.com, www.tramalacant.es, id.coruna.gal, www.tib.org, kruk.company, www.coruna.gal, www.crtm.es

Detected attack on 2026-02-17_06-05-10

codabar@42de.it (Alfredo Terrone) — Tue, 17 Feb 2026 06:05:10 +0000

The attacks attributed to noname057 primarily target websites in Spain and Ukraine. Key sectors affected include transportation, tourism, and energy. Notable countries under attack include Spain, with various regional transport and tourism sites, and Ukraine, where energy and transport companies are targeted. Other impacted sites suggest a focus on public services and local governance.^{AI generated}
33 targets are under attack, 1 new targets and 32 targets from previous attack
New Targets(1): portal.mineco.gob.es
Targets from prev attack(32): www.tib.org, www.legebiltzarra.eus, www.elcasco1920.com, www.crtm.es, www.ulf.com.ua, metromalaga.es, flashback.org, www.metrovalencia.es, www.parcan.es, tor-safety.com, socibusventas.es, vertol.com.ua, www.coruna.gal, aeroprakt.kiev.ua, www.turgranada.es, www.cortsvalencianes.es, kruk.company, id.coruna.gal, www.emtmadrid.es, www.sedigas.es, energia.imdea.org, www.tramalacant.es, bahnhof.cloud, www.bahnhof.se, www.metroligero-oeste.es, vsenergy.com.ua, agro-ukraine.com, tec.dp.ua, nadu.com.ua, bahnhof.se, www.turismo.gal, www.transportepublico.es
Dismissed Targets(0):

Detected attack on 2026-02-16_13-30-18

codabar@42de.it (Alfredo Terrone) — Mon, 16 Feb 2026 13:30:18 +0000

Noname057(16) has targeted various websites primarily in Spain and Ukraine. The attacks have affected a range of sectors, including transportation, agriculture, and public services. Key countries under attack include Spain, with numerous sites such as cortsvalencianes.es and metrovalencia.es, and Ukraine, with targets like agro-ukraine.com and vertol.com.ua. Other notable mentions include sites from Germany and various organizations related to public transport and safety.^{AI generated}
32 targets are under attack, 3 new targets and 29 targets from previous attack
New Targets(3): bahnhof.cloud, bahnhof.se, www.bahnhof.se
Targets from prev attack(29): kruk.company, www.cortsvalencianes.es, www.parcan.es, agro-ukraine.com, aeroprakt.kiev.ua, www.crtm.es, tor-safety.com, www.transportepublico.es, vertol.com.ua, www.metrovalencia.es, www.sedigas.es, www.ulf.com.ua, www.tramalacant.es, socibusventas.es, www.turgranada.es, www.tib.org, www.metroligero-oeste.es, nadu.com.ua, www.elcasco1920.com, tec.dp.ua, energia.imdea.org, www.coruna.gal, vsenergy.com.ua, www.emtmadrid.es, www.legebiltzarra.eus, metromalaga.es, flashback.org, id.coruna.gal, www.turismo.gal
Dismissed Targets(0):

Detected attack on 2026-02-16_13-25-13

codabar@42de.it (Alfredo Terrone) — Mon, 16 Feb 2026 13:25:13 +0000

The attacks attributed to noname057 primarily target websites in Spain and Ukraine. Notable sectors affected include transportation, agriculture, and public services, with various regional and national entities being compromised. Key countries under attack are Spain, evidenced by multiple local government and transportation websites, and Ukraine, with several sites related to aviation and energy.^{AI generated}
29 targets are under attack, 1 new targets and 28 targets from previous attack
New Targets(1): flashback.org
Targets from prev attack(28): kruk.company, www.cortsvalencianes.es, www.parcan.es, agro-ukraine.com, aeroprakt.kiev.ua, www.crtm.es, tor-safety.com, www.transportepublico.es, vertol.com.ua, www.metrovalencia.es, www.ulf.com.ua, www.sedigas.es, www.tramalacant.es, socibusventas.es, www.turgranada.es, www.tib.org, www.metroligero-oeste.es, nadu.com.ua, www.elcasco1920.com, tec.dp.ua, energia.imdea.org, www.coruna.gal, vsenergy.com.ua, www.emtmadrid.es, www.legebiltzarra.eus, metromalaga.es, id.coruna.gal, www.turismo.gal
Dismissed Targets(0):

Detected attack on 2026-02-16_11-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 16 Feb 2026 11:10:08 +0000

The attacks attributed to noname057(16) primarily target websites in Ukraine and Spain. Key sectors affected include energy, transportation, and tourism, with notable attacks on Ukrainian sites like tib.org, vsenergy.com.ua, and metrovalencia.es in Spain. Other targeted areas include public transport and agricultural sectors, indicating a broad strategy focused on critical infrastructure and public services in these countries.^{AI generated}
28 targets are under attack, 1 new targets and 27 targets from previous attack
New Targets(1): tor-safety.com
Targets from prev attack(27): www.tib.org, vsenergy.com.ua, www.ulf.com.ua, www.legebiltzarra.eus, www.metrovalencia.es, aeroprakt.kiev.ua, vertol.com.ua, www.transportepublico.es, energia.imdea.org, agro-ukraine.com, www.turgranada.es, www.crtm.es, www.elcasco1920.com, kruk.company, nadu.com.ua, www.parcan.es, www.turismo.gal, www.emtmadrid.es, www.tramalacant.es, metromalaga.es, www.sedigas.es, www.metroligero-oeste.es, tec.dp.ua, www.cortsvalencianes.es, id.coruna.gal, socibusventas.es, www.coruna.gal
Dismissed Targets(0):

Detected attack on 2026-02-16_11-05-09

codabar@42de.it (Alfredo Terrone) — Mon, 16 Feb 2026 11:05:09 +0000

Noname057(16) has targeted various websites primarily located in Ukraine and Spain. The attacks have affected sectors such as energy, transportation, and tourism, highlighting a significant focus on critical infrastructure and public services in these countries. Key targets include energy companies, public transport authorities, and local government sites, indicating a strategic approach to disrupt essential services.^{AI generated}
27 targets are under attack, 8 new targets and 19 targets from previous attack
New Targets(8): vsenergy.com.ua, agro-ukraine.com, www.ulf.com.ua, kruk.company, nadu.com.ua, tec.dp.ua, aeroprakt.kiev.ua, vertol.com.ua
Targets from prev attack(19): www.tib.org, www.legebiltzarra.eus, www.metrovalencia.es, www.transportepublico.es, energia.imdea.org, www.turgranada.es, www.crtm.es, www.elcasco1920.com, www.parcan.es, www.turismo.gal, www.emtmadrid.es, www.tramalacant.es, metromalaga.es, www.sedigas.es, www.metroligero-oeste.es, www.cortsvalencianes.es, id.coruna.gal, socibusventas.es, www.coruna.gal
Dismissed Targets(0):

Detected attack on 2026-02-16_07-05-08

codabar@42de.it (Alfredo Terrone) — Mon, 16 Feb 2026 07:05:08 +0000

The attacks by noname057(16) primarily targeted websites in Spain, affecting various sectors such as transportation, tourism, and local government. Key sites include public transport organizations like EMT Madrid and Metro Valencia, as well as regional tourism sites like Turismo Gal. The attacks demonstrate a focus on critical infrastructure and public services within the country.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.tib.org, metromalaga.es, www.parcan.es, www.sedigas.es, www.coruna.gal, energia.imdea.org, www.legebiltzarra.eus, www.emtmadrid.es, www.metrovalencia.es, www.transportepublico.es, www.cortsvalencianes.es, www.crtm.es, www.tramalacant.es, www.turgranada.es, www.metroligero-oeste.es, www.elcasco1920.com, www.turismo.gal, id.coruna.gal, socibusventas.es
Targets from prev attack(0):
Dismissed Targets(19): www.konanbus.com, www.sompo-am.co.jp, www.idcj.jp, jimin-miekenren.jp, www.kkj.go.jp, www.hakodate-dock.co.jp, information1.gov-procurement.go.jp, www.mizuho-sc.com, glossary.mizuho-sc.com, www.aomori-airport.co.jp, www.nomuraholdings.com, reserve.seikan-ferry.jp, aoimorirailway.com, www.jcci.or.jp, www.sompo-rc.co.jp, www.jcaa.or.jp, prime-as.co.jp, www.naikaizosen.co.jp, www.siteitosi.jp

Detected attack on 2026-02-15_07-05-09

codabar@42de.it (Alfredo Terrone) — Sun, 15 Feb 2026 07:05:09 +0000

The attack by noname057(16) primarily targeted websites in Japan, affecting various sectors including transportation, finance, and governmental services. Key sites include Aomori Airport, Konan Bus, and Mizuho Securities, highlighting a significant focus on critical infrastructure and financial institutions within the country.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.aomori-airport.co.jp, www.konanbus.com, glossary.mizuho-sc.com, www.sompo-rc.co.jp, www.jcci.or.jp, www.siteitosi.jp, www.hakodate-dock.co.jp, www.jcaa.or.jp, www.mizuho-sc.com, www.idcj.jp, aoimorirailway.com, jimin-miekenren.jp, reserve.seikan-ferry.jp, www.kkj.go.jp, information1.gov-procurement.go.jp, prime-as.co.jp, www.sompo-am.co.jp, www.nomuraholdings.com, www.naikaizosen.co.jp
Targets from prev attack(0):
Dismissed Targets(18): ufpb.kiev.ua, komsamovr.rada.gov.ua, awex.com.ua, phoenix-s.com.ua, merydian.kiev.ua, ab.com.ua, lreri.tripod.com, chervonyi.com.ua, kompravlud.rada.gov.ua, bezpeka.ua, kompek.rada.gov.ua, kompravpol.rada.gov.ua, komfinbank.rada.gov.ua, komtrans.rada.gov.ua, www.materials.kiev.ua, komnbor.rada.gov.ua, www.autokraz.com.ua, komzakonpr.rada.gov.ua

Detected attack on 2026-02-14_07-10-06

codabar@42de.it (Alfredo Terrone) — Sat, 14 Feb 2026 07:10:06 +0000

The attacks attributed to noname057 primarily target websites in Ukraine, reflecting a focus on governmental, financial, and local business entities. Key sectors affected include local government websites and various commercial platforms, indicating a strategic effort to disrupt services and gather intelligence within the region.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): komtrans.rada.gov.ua, www.autokraz.com.ua, awex.com.ua, chervonyi.com.ua, kompravlud.rada.gov.ua, komsamovr.rada.gov.ua, kompravpol.rada.gov.ua, komzakonpr.rada.gov.ua, bezpeka.ua, phoenix-s.com.ua, komnbor.rada.gov.ua, ufpb.kiev.ua, merydian.kiev.ua, komfinbank.rada.gov.ua, lreri.tripod.com, www.materials.kiev.ua, ab.com.ua, kompek.rada.gov.ua
Targets from prev attack(0):
Dismissed Targets(23): www.pref.ehime.jp, photopribor.ck.ua, www.city.matsuyama.ehime.jp, www.sanoyas.co.jp, zmturbines.com, www.i-ppi.jp, www.pref.aomori.lg.jp, ohorona-kyiv.com, www.city.fukui.lg.jp, ohorona-bezpeka.com, www.malyshevplant.com, www.city.maebashi.gunma.jp, spetstechnoexport.com, bezpeka-zahyst.com.ua, www.pref.fukui.lg.jp, www.pref.ishikawa.lg.jp, oib.com.ua, www.ferrexpo.ua, cabinet.oib.com.ua, www.morozov.com.ua, www.city.akita.lg.jp, www.0175.co.jp, www.city.nanao.lg.jp

Detected attack on 2026-02-13_15-15-08

codabar@42de.it (Alfredo Terrone) — Fri, 13 Feb 2026 15:15:08 +0000

Noname057(16) has targeted various websites primarily in Japan and Ukraine. The main countries under attack include Japan, with multiple local government and corporate sites being compromised, and Ukraine, where several businesses and government-related websites have been affected. The attacks highlight a focus on both regional administrative entities and key industrial sectors in these nations.^{AI generated}
23 targets are under attack, 0 new targets and 23 targets from previous attack
New Targets(0):
Targets from prev attack(23): www.sanoyas.co.jp, www.pref.aomori.lg.jp, www.pref.ehime.jp, ohorona-bezpeka.com, oib.com.ua, www.i-ppi.jp, www.city.fukui.lg.jp, ohorona-kyiv.com, www.0175.co.jp, www.city.nanao.lg.jp, www.ferrexpo.ua, www.morozov.com.ua, cabinet.oib.com.ua, zmturbines.com, photopribor.ck.ua, spetstechnoexport.com, bezpeka-zahyst.com.ua, www.city.matsuyama.ehime.jp, www.city.maebashi.gunma.jp, www.city.akita.lg.jp, www.pref.ishikawa.lg.jp, www.pref.fukui.lg.jp, www.malyshevplant.com
Dismissed Targets(3): www.konanbus.com, aoimorirailway.com, www.kkj.go.jp

Detected attack on 2026-02-13_15-10-08

codabar@42de.it (Alfredo Terrone) — Fri, 13 Feb 2026 15:10:08 +0000

The recent attacks attributed to noname057(16) primarily targeted websites in Japan and Ukraine. Key regions under attack include various prefectures in Japan, such as Aomori, Ishikawa, Ehime, and Fukui, along with multiple cities like Nanao, Akita, and Maebashi. In Ukraine, notable targets include sites related to security and industry, highlighting a significant focus on both governmental and commercial entities in these countries.^{AI generated}
26 targets are under attack, 0 new targets and 26 targets from previous attack
New Targets(0):
Targets from prev attack(26): www.pref.aomori.lg.jp, www.morozov.com.ua, bezpeka-zahyst.com.ua, www.kkj.go.jp, www.city.nanao.lg.jp, www.city.akita.lg.jp, www.pref.ehime.jp, www.pref.ishikawa.lg.jp, www.i-ppi.jp, spetstechnoexport.com, ohorona-kyiv.com, www.malyshevplant.com, www.city.fukui.lg.jp, www.konanbus.com, www.sanoyas.co.jp, oib.com.ua, cabinet.oib.com.ua, www.city.maebashi.gunma.jp, ohorona-bezpeka.com, www.0175.co.jp, www.city.matsuyama.ehime.jp, photopribor.ck.ua, zmturbines.com, www.pref.fukui.lg.jp, aoimorirailway.com, www.ferrexpo.ua
Dismissed Targets(4): glossary.mizuho-sc.com, reserve.seikan-ferry.jp, www.mizuho-sc.com, information1.gov-procurement.go.jp

Detected attack on 2026-02-13_11-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 13 Feb 2026 11:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in Japan and Ukraine. Key Japanese sites include various local government and transportation websites, such as those from Ehime, Aomori, Ishikawa, and Akita prefectures, as well as companies like Mizuho and Sanoyas. In Ukraine, the attacks involved sites related to government procurement and defense, including Morozov and Ferrexpo. The focus on these countries indicates a mix of local government and industrial targets, reflecting a diverse range of interests.^{AI generated}
30 targets are under attack, 11 new targets and 19 targets from previous attack
New Targets(11): ohorona-bezpeka.com, www.morozov.com.ua, zmturbines.com, cabinet.oib.com.ua, bezpeka-zahyst.com.ua, www.ferrexpo.ua, photopribor.ck.ua, spetstechnoexport.com, ohorona-kyiv.com, www.malyshevplant.com, oib.com.ua
Targets from prev attack(19): www.pref.ehime.jp, information1.gov-procurement.go.jp, aoimorirailway.com, www.kkj.go.jp, www.pref.ishikawa.lg.jp, www.pref.aomori.lg.jp, www.city.maebashi.gunma.jp, www.city.nanao.lg.jp, www.mizuho-sc.com, reserve.seikan-ferry.jp, www.city.akita.lg.jp, www.city.fukui.lg.jp, www.i-ppi.jp, www.0175.co.jp, www.konanbus.com, www.sanoyas.co.jp, www.city.matsuyama.ehime.jp, www.pref.fukui.lg.jp, glossary.mizuho-sc.com
Dismissed Targets(0):

Detected attack on 2026-02-13_08-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 13 Feb 2026 08:05:09 +0000

The attacks attributed to noname057(16) primarily targeted websites in Japan. Key regions affected include Ehime, Fukui, Ishikawa, Aomori, Akita, and Gunma. The compromised sites represent various sectors, including government, transportation, and local services, indicating a broad impact on public infrastructure and services across these areas.^{AI generated}
19 targets are under attack, 0 new targets and 19 targets from previous attack
New Targets(0):
Targets from prev attack(19): www.city.matsuyama.ehime.jp, www.pref.ehime.jp, information1.gov-procurement.go.jp, aoimorirailway.com, www.mizuho-sc.com, glossary.mizuho-sc.com, www.pref.fukui.lg.jp, www.pref.ishikawa.lg.jp, www.city.nanao.lg.jp, www.sanoyas.co.jp, www.pref.aomori.lg.jp, www.konanbus.com, www.i-ppi.jp, www.0175.co.jp, reserve.seikan-ferry.jp, www.kkj.go.jp, www.city.akita.lg.jp, www.city.maebashi.gunma.jp, www.city.fukui.lg.jp
Dismissed Targets(1): azocm.postavschiki.ua

Detected attack on 2026-02-13_07-10-08

codabar@42de.it (Alfredo Terrone) — Fri, 13 Feb 2026 07:10:08 +0000

The attacks attributed to noname057(16) primarily targeted websites in Japan, including various local government sites and transportation companies. Key regions under attack include Gunma, Ishikawa, Aomori, Fukui, Ehime, and Akita. Additionally, there was an attack on a Ukrainian site, indicating a broader geographical reach beyond Japan.^{AI generated}
20 targets are under attack, 19 new targets and 1 targets from previous attack
New Targets(19): www.city.maebashi.gunma.jp, www.kkj.go.jp, information1.gov-procurement.go.jp, www.pref.ishikawa.lg.jp, aoimorirailway.com, reserve.seikan-ferry.jp, www.0175.co.jp, www.city.nanao.lg.jp, www.pref.aomori.lg.jp, www.konanbus.com, www.city.fukui.lg.jp, www.i-ppi.jp, www.city.akita.lg.jp, www.mizuho-sc.com, www.pref.ehime.jp, www.city.matsuyama.ehime.jp, www.pref.fukui.lg.jp, www.sanoyas.co.jp, glossary.mizuho-sc.com
Targets from prev attack(1): azocm.postavschiki.ua
Dismissed Targets(23): yuzhmash.com, www.esri.cao.go.jp, www.port-of-nagoya.jp, www.dss-ua.com, www.ukrniat.com, www.jcaa.or.jp, www.azot.com.ua, www.shugiin.go.jp, www.city.aomori.aomori.jp, www.cao.go.jp, www.paj.gr.jp, octavacapital.ua, www.aomori-airport.co.jp, www.naikaizosen.co.jp, roboneers.net, amstor.com, www.rieti.go.jp, www.jbaudit.go.jp, www.city.sendai.jp, www.osakametro.co.jp, lansys.com.ua, www.city.osaka.lg.jp, www.siteitosi.jp

Detected attack on 2026-02-12_11-25-10

codabar@42de.it (Alfredo Terrone) — Thu, 12 Feb 2026 11:25:10 +0000

Noname057(16) has targeted various websites primarily in Japan and Ukraine. The attacks include government and organizational sites such as the Japan Civil Aviation Bureau and several municipal sites in Japanese cities like Sendai and Osaka. Additionally, Ukrainian websites, including those related to auditing and capital investment, have also been affected.^{AI generated}
24 targets are under attack, 1 new targets and 23 targets from previous attack
New Targets(1): www.dss-ua.com
Targets from prev attack(23): www.jcaa.or.jp, amstor.com, www.shugiin.go.jp, www.jbaudit.go.jp, azocm.postavschiki.ua, www.naikaizosen.co.jp, www.paj.gr.jp, www.ukrniat.com, www.siteitosi.jp, www.cao.go.jp, lansys.com.ua, www.rieti.go.jp, www.city.sendai.jp, www.city.osaka.lg.jp, roboneers.net, www.aomori-airport.co.jp, octavacapital.ua, www.port-of-nagoya.jp, www.esri.cao.go.jp, yuzhmash.com, www.azot.com.ua, www.osakametro.co.jp, www.city.aomori.aomori.jp
Dismissed Targets(0):

Detected attack on 2026-02-12_11-20-09

codabar@42de.it (Alfredo Terrone) — Thu, 12 Feb 2026 11:20:09 +0000

Noname057(16) has targeted various websites primarily in Japan and Ukraine. The main countries under attack include Japan, with significant hits on sites related to airports, cities, and governmental organizations, and Ukraine, where several sites associated with local businesses and services have been compromised.^{AI generated}
23 targets are under attack, 8 new targets and 15 targets from previous attack
New Targets(8): www.azot.com.ua, yuzhmash.com, amstor.com, azocm.postavschiki.ua, octavacapital.ua, roboneers.net, www.ukrniat.com, lansys.com.ua
Targets from prev attack(15): www.paj.gr.jp, www.port-of-nagoya.jp, www.cao.go.jp, www.siteitosi.jp, www.osakametro.co.jp, www.shugiin.go.jp, www.aomori-airport.co.jp, www.city.sendai.jp, www.city.osaka.lg.jp, www.naikaizosen.co.jp, www.rieti.go.jp, www.jcaa.or.jp, www.jbaudit.go.jp, www.esri.cao.go.jp, www.city.aomori.aomori.jp
Dismissed Targets(0):

Detected attack on 2026-02-12_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 12 Feb 2026 07:10:08 +0000

The attacks by noname057(16) primarily targeted Japanese websites, focusing on various sectors including government, transportation, and local municipalities. Key cities affected include Osaka, Nagoya, Aomori, and Sendai, indicating a concentrated effort against critical infrastructure and public services in Japan.^{AI generated}
15 targets are under attack, 4 new targets and 11 targets from previous attack
New Targets(4): www.shugiin.go.jp, www.cao.go.jp, www.esri.cao.go.jp, www.city.aomori.aomori.jp
Targets from prev attack(11): www.city.osaka.lg.jp, www.port-of-nagoya.jp, www.siteitosi.jp, www.paj.gr.jp, www.jbaudit.go.jp, www.osakametro.co.jp, www.aomori-airport.co.jp, www.jcaa.or.jp, www.city.sendai.jp, www.naikaizosen.co.jp, www.rieti.go.jp
Dismissed Targets(0):

Detected attack on 2026-02-12_07-05-10

codabar@42de.it (Alfredo Terrone) — Thu, 12 Feb 2026 07:05:10 +0000

The attacks attributed to noname057 primarily targeted websites in Japan. Key cities under attack include Osaka and Sendai, with notable sites like the Osaka city government, Nagoya port, and various local transportation and airport services being compromised. The focus appears to be on municipal and transportation-related entities across the country.^{AI generated}
11 targets are under attack, 11 new targets and 0 targets from previous attack
New Targets(11): www.city.osaka.lg.jp, www.port-of-nagoya.jp, www.siteitosi.jp, www.paj.gr.jp, www.jbaudit.go.jp, www.osakametro.co.jp, www.aomori-airport.co.jp, www.jcaa.or.jp, www.city.sendai.jp, www.naikaizosen.co.jp, www.rieti.go.jp
Targets from prev attack(0):
Dismissed Targets(29): bezpeka.ua, www.jimin.jp, www.materials.kiev.ua, temp3000.com, merydian.kiev.ua, www.pult-ohrana.kiev.ua, ufpb.kiev.ua, www.sonyfg.co.jp, www.chancenavi.jp, prime-as.co.jp, lreri.tripod.com, www.autokraz.com.ua, www.jmuc.co.jp, www.tokyo-jimin.jp, www.sompo-am.co.jp, www.nomuraholdings.com, jimin-miekenren.jp, bezpeka-ltd.com, www.td-holdings.co.jp, pribor.zp.ua, www.idcj.jp, www.kyoto-jimin.jp, www.jcci.or.jp, phoenix-s.com.ua, www.sompo-rc.co.jp, www.ism.kiev.ua, www.hakodate-dock.co.jp, ab.com.ua, www.orion.te.ua

Detected attack on 2026-02-11_11-10-08

codabar@42de.it (Alfredo Terrone) — Wed, 11 Feb 2026 11:10:08 +0000

The attacks attributed to noname057 primarily targeted websites in Ukraine and Japan. Key sectors affected include finance, technology, and local government services. Ukraine's sites, such as pribor.zp.ua and autokraz.com.ua, highlight the focus on critical infrastructure, while Japan's targets like nomuraholdings.com and sompo-rc.co.jp reflect interests in major corporations and financial institutions. Overall, the campaign demonstrates a concentrated effort against entities in these two countries.^{AI generated}
29 targets are under attack, 14 new targets and 15 targets from previous attack
New Targets(14): ufpb.kiev.ua, www.pult-ohrana.kiev.ua, pribor.zp.ua, temp3000.com, www.orion.te.ua, lreri.tripod.com, ab.com.ua, merydian.kiev.ua, bezpeka-ltd.com, www.ism.kiev.ua, www.materials.kiev.ua, phoenix-s.com.ua, bezpeka.ua, www.autokraz.com.ua
Targets from prev attack(15): www.nomuraholdings.com, www.tokyo-jimin.jp, www.sompo-am.co.jp, www.kyoto-jimin.jp, www.jimin.jp, www.sonyfg.co.jp, www.idcj.jp, www.td-holdings.co.jp, www.jcci.or.jp, www.jmuc.co.jp, prime-as.co.jp, jimin-miekenren.jp, www.chancenavi.jp, www.sompo-rc.co.jp, www.hakodate-dock.co.jp
Dismissed Targets(0):

Detected attack on 2026-02-11_07-05-08

codabar@42de.it (Alfredo Terrone) — Wed, 11 Feb 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Japan. The attacked sites include government-related domains, financial institutions, and corporate entities, indicating a focus on Japanese infrastructure and businesses.^{AI generated}
15 targets are under attack, 15 new targets and 0 targets from previous attack
New Targets(15): jimin-miekenren.jp, www.jimin.jp, www.sonyfg.co.jp, www.td-holdings.co.jp, www.jmuc.co.jp, prime-as.co.jp, www.nomuraholdings.com, www.sompo-rc.co.jp, www.tokyo-jimin.jp, www.chancenavi.jp, www.idcj.jp, www.hakodate-dock.co.jp, www.kyoto-jimin.jp, www.jcci.or.jp, www.sompo-am.co.jp
Targets from prev attack(0):
Dismissed Targets(17): www.rada-poltava.gov.ua, kompek.rada.gov.ua, chervonyi.com.ua, komzakonpr.rada.gov.ua, mariupolrada.gov.ua, zp.gov.ua, kompravpol.rada.gov.ua, komfinbank.rada.gov.ua, komsamovr.rada.gov.ua, loga.gov.ua, komtrans.rada.gov.ua, adm.dp.gov.ua, smr.gov.ua, komnbor.rada.gov.ua, awex.com.ua, www.vmr.gov.ua, kompravlud.rada.gov.ua

Detected attack on 2026-02-10_08-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 10 Feb 2026 08:10:08 +0000

The sites attacked by noname057(16) primarily belong to Ukraine, indicating a focus on Ukrainian government and municipal websites. The targeted domains include various regional administrations and local government entities, highlighting the ongoing cyber threats faced by Ukraine amidst geopolitical tensions.^{AI generated}
17 targets are under attack, 0 new targets and 17 targets from previous attack
New Targets(0):
Targets from prev attack(17): smr.gov.ua, mariupolrada.gov.ua, zp.gov.ua, kompravlud.rada.gov.ua, adm.dp.gov.ua, www.vmr.gov.ua, komfinbank.rada.gov.ua, loga.gov.ua, komsamovr.rada.gov.ua, awex.com.ua, komtrans.rada.gov.ua, www.rada-poltava.gov.ua, kompek.rada.gov.ua, kompravpol.rada.gov.ua, komnbor.rada.gov.ua, komzakonpr.rada.gov.ua, chervonyi.com.ua
Dismissed Targets(14): www.furesoe.dk, www.horsholm.dk, www.hillerod.dk, fredensborg.dk, www.faxekommune.dk, www.egedalkommune.dk, herlev.dk, www.gladsaxe.dk, www.htk.dk, www.brondby.dk, www.dragoer.dk, www.ballerup.dk, www.frederikssund.dk, albertslund.dk

Detected attack on 2026-02-10_07-05-09

codabar@42de.it (Alfredo Terrone) — Tue, 10 Feb 2026 07:05:09 +0000

The sites attacked by noname057 primarily include government and municipal websites from Ukraine and Denmark. The main countries under attack are Ukraine, with several regional and local government sites targeted, and Denmark, where numerous municipal websites have been compromised.^{AI generated}
31 targets are under attack, 17 new targets and 14 targets from previous attack
New Targets(17): loga.gov.ua, awex.com.ua, chervonyi.com.ua, smr.gov.ua, kompravlud.rada.gov.ua, adm.dp.gov.ua, www.rada-poltava.gov.ua, kompek.rada.gov.ua, komtrans.rada.gov.ua, kompravpol.rada.gov.ua, komzakonpr.rada.gov.ua, komfinbank.rada.gov.ua, komsamovr.rada.gov.ua, mariupolrada.gov.ua, komnbor.rada.gov.ua, www.vmr.gov.ua, zp.gov.ua
Targets from prev attack(14): www.furesoe.dk, www.ballerup.dk, www.frederikssund.dk, www.brondby.dk, albertslund.dk, www.gladsaxe.dk, www.horsholm.dk, www.hillerod.dk, www.htk.dk, fredensborg.dk, herlev.dk, www.faxekommune.dk, www.egedalkommune.dk, www.dragoer.dk
Dismissed Targets(0):

Detected attack on 2026-02-09_17-10-11

codabar@42de.it (Alfredo Terrone) — Mon, 09 Feb 2026 17:10:11 +0000

Noname057(16) has targeted several municipal websites in Denmark, primarily affecting local government and community services. The attacked sites include those from cities such as Frederikssund, Hørsholm, Herlev, Hillerød, and Ballerup, among others. This indicates a focused campaign against Danish public institutions.^{AI generated}
14 targets are under attack, 0 new targets and 14 targets from previous attack
New Targets(0):
Targets from prev attack(14): www.horsholm.dk, www.frederikssund.dk, www.hillerod.dk, herlev.dk, www.htk.dk, www.faxekommune.dk, fredensborg.dk, www.furesoe.dk, www.egedalkommune.dk, www.ballerup.dk, albertslund.dk, www.dragoer.dk, www.brondby.dk, www.gladsaxe.dk
Dismissed Targets(16): www.milanbergamoairport.it, www.teamnor.no, www.pkol.pl, www.teamdeutschland.de, www.sea-aeroportimilano.it, passauto.milanocortina2026.org, olympic.ca, www.eok.ee, www.frederiksberg.dk, bgolympic.org, www.coe.es, www.olympiakomitea.fi, www.ltok.lt, www.olympic.cz, www.cortinaparking.it, www.olympia.at

Detected attack on 2026-02-09_11-05-08

codabar@42de.it (Alfredo Terrone) — Mon, 09 Feb 2026 11:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark, with numerous local municipalities such as htk.dk, fredensborg.dk, hillerod.dk, and others being affected. Other notable countries include the Czech Republic (olympic.cz), Poland (pkol.pl), Estonia (eok.ee), Lithuania (ltok.lt), Spain (coe.es), Norway (teamnor.no), Germany (teamdeutschland.de), Italy (cortinaparking.it, milanbergamoairport.it), and Austria (olympia.at). The attacks appear to focus on sports-related organizations and local government sites across these nations.^{AI generated}
30 targets are under attack, 15 new targets and 15 targets from previous attack
New Targets(15): www.eok.ee, olympic.ca, www.ltok.lt, passauto.milanocortina2026.org, www.coe.es, www.olympia.at, www.olympiakomitea.fi, www.teamnor.no, www.sea-aeroportimilano.it, bgolympic.org, www.teamdeutschland.de, www.cortinaparking.it, www.milanbergamoairport.it, www.olympic.cz, www.pkol.pl
Targets from prev attack(15): www.frederiksberg.dk, www.frederikssund.dk, www.faxekommune.dk, www.brondby.dk, herlev.dk, www.htk.dk, fredensborg.dk, www.hillerod.dk, www.horsholm.dk, www.ballerup.dk, www.egedalkommune.dk, www.dragoer.dk, www.gladsaxe.dk, www.furesoe.dk, albertslund.dk
Dismissed Targets(0):

Detected attack on 2026-02-09_08-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 09 Feb 2026 08:10:08 +0000

The websites targeted by noname057(16) primarily belong to municipalities in Denmark. The attacks have affected various local government sites, including those from cities such as Hillerød, Egedal, Albertslund, Herlev, Gladsaxe, Faxe, Ballerup, Brøndby, Dragør, Høje-Taastrup, Furesø, Hørsholm, Frederiksberg, Fredensborg, and Frederikssund. This indicates a focused campaign against Danish local authorities.^{AI generated}
15 targets are under attack, 15 new targets and 0 targets from previous attack
New Targets(15): www.hillerod.dk, www.egedalkommune.dk, fredensborg.dk, herlev.dk, www.frederiksberg.dk, www.gladsaxe.dk, www.faxekommune.dk, www.ballerup.dk, www.brondby.dk, www.dragoer.dk, www.furesoe.dk, www.horsholm.dk, albertslund.dk, www.htk.dk, www.frederikssund.dk
Targets from prev attack(0):
Dismissed Targets(12): www.comune.parma.it, www.regione.emilia-romagna.it, www.dosb.de, www.valgardena.it, www.skirama.it, www.herabit.com, www.ski.it, www.kronplatz.com, www.bormioski.eu, www.consiglio.vda.it, www.cortinaexpress.it, www.comune.giugliano.na.it

Detected attack on 2026-02-09_07-05-07

codabar@42de.it (Alfredo Terrone) — Mon, 09 Feb 2026 07:05:07 +0000

Noname057(16) has targeted several websites primarily in Italy and Germany. The attacks include ski resort and tourism-related sites such as skirama.it, kronplatz.com, and valgardena.it, indicating a focus on the winter sports industry. Additionally, various local government sites like comune.giugliano.na.it and regione.emilia-romagna.it were also compromised, highlighting a broader threat to public sector entities in these countries.^{AI generated}
12 targets are under attack, 0 new targets and 12 targets from previous attack
New Targets(0):
Targets from prev attack(12): www.skirama.it, www.dosb.de, www.kronplatz.com, www.regione.emilia-romagna.it, www.herabit.com, www.valgardena.it, www.bormioski.eu, www.cortinaexpress.it, www.ski.it, www.consiglio.vda.it, www.comune.giugliano.na.it, www.comune.parma.it
Dismissed Targets(2): www.stradeanas.it, www.ristorantetivolicortina.it

Detected attack on 2026-02-08_22-30-09

codabar@42de.it (Alfredo Terrone) — Sun, 08 Feb 2026 22:30:09 +0000

The attacks by noname057 primarily targeted websites in Italy, particularly in regions known for tourism and skiing, such as Val Gardena, Cortina, and Bormio. Additionally, some sites related to local government and transportation, like the municipality of Parma and Strade Anas, were also affected. The attacks appear to focus on sectors that are vital for regional infrastructure and tourism.^{AI generated}
14 targets are under attack, 0 new targets and 14 targets from previous attack
New Targets(0):
Targets from prev attack(14): www.valgardena.it, www.stradeanas.it, www.comune.parma.it, www.ristorantetivolicortina.it, www.skirama.it, www.ski.it, www.comune.giugliano.na.it, www.bormioski.eu, www.herabit.com, www.cortinaexpress.it, www.consiglio.vda.it, www.kronplatz.com, www.dosb.de, www.regione.emilia-romagna.it
Dismissed Targets(2): www.olympiakomitea.fi, www.olympia.at

Detected attack on 2026-02-08_22-05-10

codabar@42de.it (Alfredo Terrone) — Sun, 08 Feb 2026 22:05:10 +0000

The attacks attributed to noname057 primarily targeted websites in Italy and Germany. Key sectors affected include regional government sites, tourism and ski resort platforms, and local municipality pages. Notable countries under attack are Italy, with multiple regional and municipal sites, and Germany, represented by a sports organization website.^{AI generated}
16 targets are under attack, 0 new targets and 16 targets from previous attack
New Targets(0):
Targets from prev attack(16): www.regione.emilia-romagna.it, www.kronplatz.com, www.stradeanas.it, www.ski.it, www.comune.giugliano.na.it, www.bormioski.eu, www.cortinaexpress.it, www.herabit.com, www.dosb.de, www.olympiakomitea.fi, www.consiglio.vda.it, www.comune.parma.it, www.olympia.at, www.valgardena.it, www.ristorantetivolicortina.it, www.skirama.it
Dismissed Targets(1): www.teamdeutschland.de

Detected attack on 2026-02-08_08-05-08

codabar@42de.it (Alfredo Terrone) — Sun, 08 Feb 2026 08:05:08 +0000

The attacks by noname057 primarily targeted websites in Italy and Germany. Key affected sites include various regional and municipal government platforms, ski resorts, and tourism-related businesses, indicating a focus on the tourism sector in these countries. Notable locations include Emilia-Romagna, Giugliano, and Cortina in Italy, as well as multiple German sites related to sports and tourism.^{AI generated}
17 targets are under attack, 0 new targets and 17 targets from previous attack
New Targets(0):
Targets from prev attack(17): www.herabit.com, www.ristorantetivolicortina.it, www.valgardena.it, www.bormioski.eu, www.cortinaexpress.it, www.comune.giugliano.na.it, www.teamdeutschland.de, www.skirama.it, www.comune.parma.it, www.dosb.de, www.olympiakomitea.fi, www.consiglio.vda.it, www.kronplatz.com, www.olympia.at, www.stradeanas.it, www.regione.emilia-romagna.it, www.ski.it
Dismissed Targets(10): www.vbb.de, www.limbach-oberfrohna.de, frontend-api.sbahn-hannover.de, start-ni-mitte.de, www.dortmund.de, www.l.de, www.gladbeck.de, www.vg-arendsee-kalbe.de, www.bmi.bund.de, www.kaiserslautern.de

Detected attack on 2026-02-08_07-10-09

codabar@42de.it (Alfredo Terrone) — Sun, 08 Feb 2026 07:10:09 +0000

The attacks attributed to noname057 primarily targeted websites in Germany, Italy, and Finland. Key sites affected include municipal and regional government portals, tourism and ski-related websites, and sports organizations. Notable examples are the city portals of Kaiserslautern, Gladbeck, and Dortmund in Germany, as well as various Italian sites like those of Val Gardena and Emilia-Romagna. The attacks highlight a focus on infrastructure and public services across these countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.kaiserslautern.de, www.valgardena.it, www.consiglio.vda.it, www.regione.emilia-romagna.it, www.olympiakomitea.fi, www.olympia.at, www.stradeanas.it, www.gladbeck.de, www.dosb.de, www.comune.giugliano.na.it, www.cortinaexpress.it, www.herabit.com, www.ski.it, www.ristorantetivolicortina.it, www.vg-arendsee-kalbe.de, start-ni-mitte.de, www.bmi.bund.de, www.l.de, www.teamdeutschland.de, www.skirama.it, frontend-api.sbahn-hannover.de, www.vbb.de, www.kronplatz.com, www.limbach-oberfrohna.de, www.comune.parma.it, www.bormioski.eu, www.dortmund.de
Dismissed Targets(5): www.hotelcortina.com, www.delaposte.it, www.hotelambracortina.it, www.franceschiparkhotel.com, www.hotelvictoriacortina.com

Detected attack on 2026-02-08_07-05-10

codabar@42de.it (Alfredo Terrone) — Sun, 08 Feb 2026 07:05:10 +0000

The attacks by noname057 primarily targeted websites in Germany, Italy, and Finland. Notable sites affected include municipal and regional government portals, tourism and hotel websites, as well as sports organizations. The attacks highlight vulnerabilities in local government and tourism sectors across these countries.^{AI generated}
32 targets are under attack, 17 new targets and 15 targets from previous attack
New Targets(17): www.herabit.com, www.valgardena.it, www.teamdeutschland.de, www.bormioski.eu, www.ski.it, www.skirama.it, www.consiglio.vda.it, www.regione.emilia-romagna.it, www.olympiakomitea.fi, www.olympia.at, www.kronplatz.com, www.stradeanas.it, www.comune.parma.it, www.dosb.de, www.comune.giugliano.na.it, www.cortinaexpress.it, www.ristorantetivolicortina.it
Targets from prev attack(15): www.kaiserslautern.de, www.vg-arendsee-kalbe.de, start-ni-mitte.de, www.bmi.bund.de, frontend-api.sbahn-hannover.de, www.hotelcortina.com, www.vbb.de, www.delaposte.it, www.l.de, www.hotelambracortina.it, www.limbach-oberfrohna.de, www.franceschiparkhotel.com, www.gladbeck.de, www.hotelvictoriacortina.com, www.dortmund.de
Dismissed Targets(3): www.zwickau.de, www.tender24.de, reiner-haseloff.de

Detected attack on 2026-02-07_08-05-10

codabar@42de.it (Alfredo Terrone) — Sat, 07 Feb 2026 08:05:10 +0000

The attacks attributed to noname057(16) primarily targeted websites in Germany and Italy. Key German sites include various municipal and transportation sites such as dortmund.de, kaiserslautern.de, and vbb.de, while Italian targets include hotel websites like hotelcortina.com and delaposte.it. The attacks demonstrate a focus on local government and hospitality sectors in these countries.^{AI generated}
18 targets are under attack, 4 new targets and 14 targets from previous attack
New Targets(4): www.vbb.de, start-ni-mitte.de, www.l.de, frontend-api.sbahn-hannover.de
Targets from prev attack(14): www.hotelambracortina.it, www.hotelcortina.com, www.dortmund.de, www.kaiserslautern.de, www.zwickau.de, www.delaposte.it, reiner-haseloff.de, www.limbach-oberfrohna.de, www.franceschiparkhotel.com, www.vg-arendsee-kalbe.de, www.bmi.bund.de, www.gladbeck.de, www.hotelvictoriacortina.com, www.tender24.de
Dismissed Targets(1): casa.tiscali.it

Detected attack on 2026-02-07_07-10-09

codabar@42de.it (Alfredo Terrone) — Sat, 07 Feb 2026 07:10:09 +0000

The attacks by noname057(16) primarily targeted websites in Germany and Italy. Notable sites include various municipal and governmental portals from Germany such as www.kaiserslautern.de and www.bmi.bund.de, as well as several hotel websites in Italy like www.hotelambracortina.it and www.hotelvictoriacortina.com. The attacks indicate a focus on both local government and hospitality sectors in these countries.^{AI generated}
15 targets are under attack, 7 new targets and 8 targets from previous attack
New Targets(7): www.tender24.de, www.hotelambracortina.it, www.delaposte.it, www.vg-arendsee-kalbe.de, www.hotelcortina.com, www.franceschiparkhotel.com, www.hotelvictoriacortina.com
Targets from prev attack(8): www.limbach-oberfrohna.de, reiner-haseloff.de, casa.tiscali.it, www.kaiserslautern.de, www.bmi.bund.de, www.zwickau.de, www.dortmund.de, www.gladbeck.de
Dismissed Targets(42): www.comune.bard.ao.it, www.zdf.de, www.teamdeutschland.de, www.stradeanas.it, www.ristorantetivolicortina.it, www.olympic.sk, www.comune.champorcher.ao.it, www.dosb.de, www.comune.re.it, hostingdomini.tiscali.it, www.teamgb.com, www.olympijskytym.cz, www.simico.it, www.comune.brusson.ao.it, milanocortina2026.coni.it, www.ladige.it, www.comune.avise.ao.it, www.technoalpin.com, www.comune.fontainemore.ao.it, www.olympia.at, www.comune.chamois.ao.it, www.skiaustria.at, www.swissolympicteam.ch, www.olympiakomitea.fi, www.equipedefrance.com, tickets.milanocortina2026.org, www.comune.piacenza.it, sok.se, www.comune.arnad.ao.it, www.tiscali.it, nocnsf.nl, www.comune.challand-st-victor.ao.it, www.ilgiornale.it, www.esselunga.it, www.comune.ayas.ao.it, hospitality.milanocortina2026.org, mail.tiscali.it, www.comune.challand-st-anselme.ao.it, www.leonardo.com, assistenza.tiscali.it, www.comune.etroubles.ao.it, www.ard.de

Detected attack on 2026-02-07_07-05-09

codabar@42de.it (Alfredo Terrone) — Sat, 07 Feb 2026 07:05:09 +0000

The attacks by noname057(16) have primarily targeted websites in Italy, Germany, and Austria. Notable Italian sites include municipal websites from various regions, such as Bard, Champorcher, and Piacenza, as well as tourism and hospitality-related domains like milanocortina2026.org. German targets include ZDF and various municipal sites like Dortmund and Kaiserslautern. In Austria, sites related to the Olympics and local municipalities were also affected. The attacks indicate a focus on governmental and organizational websites across these countries.^{AI generated}
50 targets are under attack, 7 new targets and 43 targets from previous attack
New Targets(7): www.limbach-oberfrohna.de, reiner-haseloff.de, www.kaiserslautern.de, www.bmi.bund.de, www.zwickau.de, www.dortmund.de, www.gladbeck.de
Targets from prev attack(43): www.comune.bard.ao.it, www.zdf.de, www.teamdeutschland.de, www.stradeanas.it, www.ristorantetivolicortina.it, www.olympic.sk, www.comune.champorcher.ao.it, www.dosb.de, www.comune.re.it, hostingdomini.tiscali.it, www.teamgb.com, www.olympijskytym.cz, www.simico.it, www.comune.brusson.ao.it, milanocortina2026.coni.it, www.ladige.it, www.comune.avise.ao.it, www.technoalpin.com, www.comune.fontainemore.ao.it, www.olympia.at, www.comune.chamois.ao.it, www.skiaustria.at, www.swissolympicteam.ch, www.olympiakomitea.fi, www.equipedefrance.com, www.comune.piacenza.it, www.comune.arnad.ao.it, tickets.milanocortina2026.org, sok.se, www.tiscali.it, nocnsf.nl, www.comune.challand-st-victor.ao.it, casa.tiscali.it, www.comune.ayas.ao.it, www.esselunga.it, www.ilgiornale.it, hospitality.milanocortina2026.org, mail.tiscali.it, www.comune.challand-st-anselme.ao.it, www.leonardo.com, assistenza.tiscali.it, www.comune.etroubles.ao.it, www.ard.de
Dismissed Targets(0):

Detected attack on 2026-02-06_15-05-10

codabar@42de.it (Alfredo Terrone) — Fri, 06 Feb 2026 15:05:10 +0000

The attacks by noname057 primarily targeted websites in several countries, including the Netherlands, Finland, Austria, Germany, Italy, Sweden, the Czech Republic, and France. These attacks affected a range of organizations, including Olympic committees, local government sites, media outlets, and service providers, indicating a focus on high-profile and public-facing entities.^{AI generated}
43 targets are under attack, 2 new targets and 41 targets from previous attack
New Targets(2): www.ilgiornale.it, www.ladige.it
Targets from prev attack(41): www.olympia.at, nocnsf.nl, www.olympiakomitea.fi, www.dosb.de, www.comune.brusson.ao.it, www.tiscali.it, www.simico.it, www.comune.chamois.ao.it, sok.se, www.comune.fontainemore.ao.it, www.teamdeutschland.de, www.zdf.de, www.comune.challand-st-victor.ao.it, www.swissolympicteam.ch, www.olympijskytym.cz, hostingdomini.tiscali.it, www.equipedefrance.com, www.comune.ayas.ao.it, www.comune.bard.ao.it, www.ristorantetivolicortina.it, hospitality.milanocortina2026.org, www.teamgb.com, www.comune.avise.ao.it, www.technoalpin.com, tickets.milanocortina2026.org, www.comune.piacenza.it, www.comune.champorcher.ao.it, www.comune.re.it, www.comune.arnad.ao.it, www.skiaustria.at, assistenza.tiscali.it, milanocortina2026.coni.it, www.esselunga.it, www.comune.challand-st-anselme.ao.it, www.stradeanas.it, www.olympic.sk, www.ard.de, www.comune.etroubles.ao.it, mail.tiscali.it, casa.tiscali.it, www.leonardo.com
Dismissed Targets(0):

Detected attack on 2026-02-06_11-10-10

codabar@42de.it (Alfredo Terrone) — Fri, 06 Feb 2026 11:10:10 +0000

The attacks attributed to noname057 primarily targeted websites in Italy, Austria, the Netherlands, Germany, and Finland. Notable sectors affected include local government sites, sports organizations, and hospitality platforms, indicating a diverse range of interests and potential motivations behind the attacks.^{AI generated}
41 targets are under attack, 18 new targets and 23 targets from previous attack
New Targets(18): www.comune.brusson.ao.it, www.comune.challand-st-victor.ao.it, hostingdomini.tiscali.it, www.comune.challand-st-anselme.ao.it, www.comune.avise.ao.it, www.comune.ayas.ao.it, casa.tiscali.it, www.tiscali.it, www.comune.arnad.ao.it, www.comune.bard.ao.it, mail.tiscali.it, www.comune.champorcher.ao.it, www.comune.fontainemore.ao.it, www.comune.re.it, www.comune.piacenza.it, assistenza.tiscali.it, www.comune.chamois.ao.it, www.comune.etroubles.ao.it
Targets from prev attack(23): www.teamdeutschland.de, www.stradeanas.it, www.skiaustria.at, nocnsf.nl, tickets.milanocortina2026.org, www.ristorantetivolicortina.it, www.olympia.at, www.olympic.sk, www.olympiakomitea.fi, www.teamgb.com, www.olympijskytym.cz, www.esselunga.it, www.swissolympicteam.ch, sok.se, www.ard.de, www.technoalpin.com, www.zdf.de, milanocortina2026.coni.it, www.leonardo.com, www.equipedefrance.com, www.dosb.de, hospitality.milanocortina2026.org, www.simico.it
Dismissed Targets(0):

Detected attack on 2026-02-06_07-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 06 Feb 2026 07:05:08 +0000

The attacks attributed to noname057(16) have primarily targeted websites associated with the Olympic Games and various national sports organizations. The main countries under attack include Finland, Germany, Italy, the Netherlands, Austria, Switzerland, France, the Czech Republic, and Sweden. These attacks seem to focus on entities related to the upcoming Milan-Cortina 2026 Winter Olympics, as well as national Olympic committees and sports teams.^{AI generated}
23 targets are under attack, 23 new targets and 0 targets from previous attack
New Targets(23): www.olympiakomitea.fi, www.ard.de, hospitality.milanocortina2026.org, nocnsf.nl, www.technoalpin.com, www.zdf.de, www.olympic.sk, www.stradeanas.it, www.olympia.at, www.teamgb.com, www.swissolympicteam.ch, www.simico.it, www.dosb.de, tickets.milanocortina2026.org, www.equipedefrance.com, www.olympijskytym.cz, www.skiaustria.at, www.esselunga.it, www.leonardo.com, www.ristorantetivolicortina.it, www.teamdeutschland.de, sok.se, milanocortina2026.coni.it
Targets from prev attack(0):
Dismissed Targets(28): www.bormioski.eu, dolomitibus.it, shop.vulcanair.com, www.olbiagolfoaranci.it, www.porto.trieste.it, vialattea-webshop.axess.shop, www.kronplatz.com, www.ski.it, www.snow-forecast.com, cpanel.vulcanair.com, www.gruppoa2a.it, richiestamodifiche.adm.gov.it, www.amat.pa.it, www.acquanovaravco.eu, skiforum.it, www.globaltenders.com, www.portsofnapa.com, www.skirama.it, w3.ars.sicilia.it, www.cortinaexpress.it, sso.comune.palermo.it, www.sinfomar.it, www.portialtotirreno.it, www.lavoro.gov.it, www.italytenders.com, support.vulcanair.com, assistenza.adm.gov.it, www.valgardena.it

Detected attack on 2026-02-05_12-05-09

codabar@42de.it (Alfredo Terrone) — Thu, 05 Feb 2026 12:05:09 +0000

Noname057(16) has targeted various websites across Italy, focusing on sectors such as tourism, government services, and transportation. Key countries under attack include Italy, with significant hits on ski resorts and local government sites, indicating a specific interest in disrupting services related to travel and public administration. Other affected areas include local businesses and service providers, which highlights a broader impact on the regional economy and infrastructure.^{AI generated}
28 targets are under attack, 18 new targets and 10 targets from previous attack
New Targets(18): www.globaltenders.com, www.italytenders.com, shop.vulcanair.com, richiestamodifiche.adm.gov.it, assistenza.adm.gov.it, w3.ars.sicilia.it, www.gruppoa2a.it, www.porto.trieste.it, www.lavoro.gov.it, sso.comune.palermo.it, cpanel.vulcanair.com, www.sinfomar.it, www.portialtotirreno.it, www.acquanovaravco.eu, www.olbiagolfoaranci.it, www.portsofnapa.com, www.amat.pa.it, support.vulcanair.com
Targets from prev attack(10): www.skirama.it, vialattea-webshop.axess.shop, www.bormioski.eu, www.snow-forecast.com, www.kronplatz.com, dolomitibus.it, www.ski.it, skiforum.it, www.valgardena.it, www.cortinaexpress.it
Dismissed Targets(0):

Detected attack on 2026-02-05_08-05-09

codabar@42de.it (Alfredo Terrone) — Thu, 05 Feb 2026 08:05:09 +0000

Noname057(16) has targeted various ski-related websites primarily in Italy. Key countries under attack include Italy, as evidenced by sites like www.kronplatz.com, www.valgardena.it, www.skirama.it, skiforum.it, www.snow-forecast.com, vialattea-webshop.axess.shop, www.ski.it, www.cortinaexpress.it, dolomitibus.it, and www.bormioski.eu. The focus on these sites highlights a specific interest in the skiing and tourism sector within the region.^{AI generated}
10 targets are under attack, 0 new targets and 10 targets from previous attack
New Targets(0):
Targets from prev attack(10): www.kronplatz.com, www.valgardena.it, www.skirama.it, skiforum.it, www.snow-forecast.com, vialattea-webshop.axess.shop, www.ski.it, www.cortinaexpress.it, dolomitibus.it, www.bormioski.eu
Dismissed Targets(34): www.regione.emilia-romagna.it, www.herabit.com, www.coopvoce.it, www.mit.gov.it, constoronto.esteri.it, www.tessellis.it, www.regione.piemonte.it, www.delaposte.it, www.hotelvictoriacortina.com, casa.tiscali.it, conssydney.esteri.it, www.hotelambracortina.it, connessioneinfibra.it, cortina.eighthotels.it, conslondra.esteri.it, www.regione.lazio.it, www.hotelcristallino.com, private.coopvoce.it, www.comune.giugliano.na.it, uvethotels.com, www.municipio.re.it, www.aeronautica.difesa.it, www.consiglio.vda.it, www.franceschiparkhotel.com, www.uilpa.it, www.miramontimajestic.it, ambwashingtondc.esteri.it, consparigi.esteri.it, www.comune.potenza.it, www.comune.parma.it, www.grandhotelsavoiacortina.com, www.hotelcortina.com, prenotami.esteri.it, www.hotelvillablucortina.it

Detected attack on 2026-02-05_07-15-08

codabar@42de.it (Alfredo Terrone) — Thu, 05 Feb 2026 07:15:08 +0000

The attacks by noname057 primarily targeted websites in Italy, affecting various sectors including tourism, local government, and transportation. Notable regions under attack include the Dolomites, with several ski resorts and hotels, as well as municipalities like Giugliano, Parma, and Potenza. Additionally, the attacks extended to governmental websites at both regional and national levels, indicating a broad scope of interest in disrupting services across Italy.^{AI generated}
44 targets are under attack, 1 new targets and 43 targets from previous attack
New Targets(1): www.snow-forecast.com
Targets from prev attack(43): skiforum.it, www.hotelcortina.com, www.kronplatz.com, www.hotelambracortina.it, www.ski.it, constoronto.esteri.it, www.grandhotelsavoiacortina.com, www.skirama.it, www.comune.giugliano.na.it, dolomitibus.it, www.comune.parma.it, www.bormioski.eu, uvethotels.com, www.franceschiparkhotel.com, www.delaposte.it, www.consiglio.vda.it, www.mit.gov.it, www.comune.potenza.it, consparigi.esteri.it, www.uilpa.it, www.regione.piemonte.it, private.coopvoce.it, www.coopvoce.it, conslondra.esteri.it, prenotami.esteri.it, www.hotelcristallino.com, cortina.eighthotels.it, www.aeronautica.difesa.it, www.herabit.com, vialattea-webshop.axess.shop, www.valgardena.it, conssydney.esteri.it, www.municipio.re.it, www.cortinaexpress.it, connessioneinfibra.it, www.tessellis.it, ambwashingtondc.esteri.it, www.hotelvillablucortina.it, www.miramontimajestic.it, www.regione.lazio.it, www.regione.emilia-romagna.it, casa.tiscali.it, www.hotelvictoriacortina.com
Dismissed Targets(0):

Detected attack on 2026-02-05_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 05 Feb 2026 07:10:08 +0000

The attacks attributed to noname057 primarily target websites in Italy, with notable focus on government, regional, and municipal sites. Key regions under attack include Lazio, Emilia-Romagna, and Piedmont, as well as popular tourist destinations like Cortina and Val Gardena. Additionally, various hospitality and transportation services in the Italian ski industry have been affected, highlighting the group's interest in disrupting both public services and the tourism sector.^{AI generated}
43 targets are under attack, 9 new targets and 34 targets from previous attack
New Targets(9): www.kronplatz.com, www.valgardena.it, dolomitibus.it, www.bormioski.eu, skiforum.it, www.ski.it, www.cortinaexpress.it, www.skirama.it, vialattea-webshop.axess.shop
Targets from prev attack(34): www.aeronautica.difesa.it, www.regione.lazio.it, www.comune.potenza.it, www.consiglio.vda.it, www.comune.parma.it, www.tessellis.it, www.comune.giugliano.na.it, prenotami.esteri.it, conslondra.esteri.it, ambwashingtondc.esteri.it, www.hotelvillablucortina.it, www.regione.emilia-romagna.it, www.regione.piemonte.it, www.delaposte.it, www.coopvoce.it, consparigi.esteri.it, www.hotelcristallino.com, private.coopvoce.it, uvethotels.com, www.uilpa.it, www.hotelambracortina.it, www.hotelcortina.com, www.hotelvictoriacortina.com, constoronto.esteri.it, casa.tiscali.it, www.herabit.com, www.municipio.re.it, www.miramontimajestic.it, connessioneinfibra.it, cortina.eighthotels.it, conssydney.esteri.it, www.grandhotelsavoiacortina.com, www.mit.gov.it, www.franceschiparkhotel.com
Dismissed Targets(1): www.hotelmajoni.it

Detected attack on 2026-02-04_12-05-10

codabar@42de.it (Alfredo Terrone) — Wed, 04 Feb 2026 12:05:10 +0000

The attacks attributed to noname057 primarily targeted websites in Italy, affecting various sectors including government, tourism, and telecommunications. Key regions under attack include Lazio, Emilia-Romagna, and Piemonte, with notable sites such as municipal and regional government portals, hotels, and service providers being compromised.^{AI generated}
35 targets are under attack, 1 new targets and 34 targets from previous attack
New Targets(1): www.regione.lazio.it
Targets from prev attack(34): www.delaposte.it, constoronto.esteri.it, www.uilpa.it, www.consiglio.vda.it, www.comune.potenza.it, connessioneinfibra.it, prenotami.esteri.it, conssydney.esteri.it, private.coopvoce.it, www.hotelmajoni.it, www.comune.giugliano.na.it, www.miramontimajestic.it, casa.tiscali.it, www.mit.gov.it, www.franceschiparkhotel.com, www.tessellis.it, www.municipio.re.it, cortina.eighthotels.it, conslondra.esteri.it, www.hotelcortina.com, uvethotels.com, www.comune.parma.it, ambwashingtondc.esteri.it, www.hotelvictoriacortina.com, consparigi.esteri.it, www.hotelambracortina.it, www.grandhotelsavoiacortina.com, www.aeronautica.difesa.it, www.hotelvillablucortina.it, www.coopvoce.it, www.herabit.com, www.hotelcristallino.com, www.regione.emilia-romagna.it, www.regione.piemonte.it
Dismissed Targets(0):

Detected attack on 2026-02-04_11-05-38

codabar@42de.it (Alfredo Terrone) — Wed, 04 Feb 2026 11:05:38 +0000

The attacks attributed to noname057(16) primarily targeted websites in Italy, including government sites such as consulates and municipalities, as well as various hotels and hospitality services. Key cities under attack include Parma, Giugliano, Potenza, and Cortina, highlighting a focus on both public institutions and the tourism sector in the country. Additionally, there are mentions of sites related to Italian embassies abroad, indicating a broader scope of targeting.^{AI generated}
34 targets are under attack, 16 new targets and 18 targets from previous attack
New Targets(16): private.coopvoce.it, www.municipio.re.it, www.regione.piemonte.it, www.comune.giugliano.na.it, www.regione.emilia-romagna.it, www.consiglio.vda.it, casa.tiscali.it, connessioneinfibra.it, www.mit.gov.it, www.herabit.com, www.uilpa.it, www.aeronautica.difesa.it, www.coopvoce.it, www.comune.potenza.it, www.comune.parma.it, www.tessellis.it
Targets from prev attack(18): www.grandhotelsavoiacortina.com, www.hotelambracortina.it, consparigi.esteri.it, uvethotels.com, www.hotelmajoni.it, ambwashingtondc.esteri.it, prenotami.esteri.it, www.franceschiparkhotel.com, constoronto.esteri.it, www.miramontimajestic.it, www.hotelcristallino.com, cortina.eighthotels.it, www.hotelcortina.com, conssydney.esteri.it, www.delaposte.it, www.hotelvictoriacortina.com, www.hotelvillablucortina.it, conslondra.esteri.it
Dismissed Targets(0):

Detected attack on 2026-02-04_08-10-11

codabar@42de.it (Alfredo Terrone) — Wed, 04 Feb 2026 08:10:11 +0000

The attacks attributed to noname057 primarily targeted websites in Italy, particularly hotels in the Cortina region, as well as several diplomatic sites associated with Italy's embassies in various countries, including Australia, Canada, France, and the United States. The focus on these sectors indicates a strategic choice of targets in the hospitality and diplomatic fields across multiple nations.^{AI generated}
18 targets are under attack, 17 new targets and 1 targets from previous attack
New Targets(17): www.franceschiparkhotel.com, www.hotelcristallino.com, conssydney.esteri.it, prenotami.esteri.it, uvethotels.com, www.delaposte.it, www.grandhotelsavoiacortina.com, www.hotelcortina.com, consparigi.esteri.it, constoronto.esteri.it, conslondra.esteri.it, www.hotelambracortina.it, www.hotelvictoriacortina.com, www.miramontimajestic.it, www.hotelvillablucortina.it, ambwashingtondc.esteri.it, cortina.eighthotels.it
Targets from prev attack(1): www.hotelmajoni.it
Dismissed Targets(17): www.bkms-system.net, www.stmfh.bayern.de, reiner-haseloff.de, azocm.postavschiki.ua, www.dortmund.de, www.limbach-oberfrohna.de, www.gladbeck.de, www.balm.bund.de, www.kaiserslautern.de, www.krone-trailer.com, www.zwickau.de, biddetail.com, www.vg-arendsee-kalbe.de, dtvp.de, www.landtag.sachsen-anhalt.de, www.bmi.bund.de, shop.sternundkreis.de

Detected attack on 2026-02-04_07-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 04 Feb 2026 07:10:09 +0000

The attacks attributed to noname057 primarily targeted websites in Germany, with notable domains including various governmental and municipal sites such as those from the federal and local authorities. Additionally, there was an attack on a Ukrainian site, indicating a broader geographic focus that includes both Germany and Ukraine.^{AI generated}
18 targets are under attack, 1 new targets and 17 targets from previous attack
New Targets(1): www.hotelmajoni.it
Targets from prev attack(17): www.balm.bund.de, www.bmi.bund.de, www.zwickau.de, dtvp.de, www.dortmund.de, www.gladbeck.de, shop.sternundkreis.de, www.stmfh.bayern.de, www.limbach-oberfrohna.de, reiner-haseloff.de, www.krone-trailer.com, azocm.postavschiki.ua, www.kaiserslautern.de, www.bkms-system.net, www.vg-arendsee-kalbe.de, biddetail.com, www.landtag.sachsen-anhalt.de
Dismissed Targets(9): keramet.com.ua, www.dss-ua.com, www.krruda.dp.ua, yuzhmash.com, lemtrans.com.ua, www.srdsc.com, amstor.com, lansys.com.ua, www.ukrniat.com

Detected attack on 2026-02-03_12-00-10

codabar@42de.it (Alfredo Terrone) — Tue, 03 Feb 2026 12:00:10 +0000

The attacks attributed to noname057(16) primarily targeted websites in Ukraine and Germany. Key Ukrainian sites include government and industry-related platforms such as dss-ua.com and yuzhmash.com, while German targets encompass local government and service websites like dortmund.de and bmi.bund.de. The attacks reflect a focus on critical infrastructure and public services in these countries.^{AI generated}
26 targets are under attack, 10 new targets and 16 targets from previous attack
New Targets(10): www.krruda.dp.ua, www.dss-ua.com, keramet.com.ua, lemtrans.com.ua, yuzhmash.com, www.ukrniat.com, azocm.postavschiki.ua, www.srdsc.com, lansys.com.ua, amstor.com
Targets from prev attack(16): www.krone-trailer.com, www.dortmund.de, www.landtag.sachsen-anhalt.de, www.zwickau.de, www.bkms-system.net, www.balm.bund.de, biddetail.com, www.limbach-oberfrohna.de, reiner-haseloff.de, www.vg-arendsee-kalbe.de, www.gladbeck.de, shop.sternundkreis.de, www.kaiserslautern.de, www.bmi.bund.de, www.stmfh.bayern.de, dtvp.de
Dismissed Targets(0):

Detected attack on 2026-02-03_08-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 03 Feb 2026 08:10:08 +0000

The sites attacked by noname057(16) primarily belong to Germany, with a focus on local government and municipal websites. Key targets include various regional administrative sites such as those from Zwickau, Kaiserslautern, and Dortmund, as well as state government portals from Bavaria and Sachsen-Anhalt. The attacks also extended to private businesses and service providers within the country.^{AI generated}
16 targets are under attack, 0 new targets and 16 targets from previous attack
New Targets(0):
Targets from prev attack(16): www.zwickau.de, www.stmfh.bayern.de, www.balm.bund.de, www.bmi.bund.de, www.krone-trailer.com, dtvp.de, www.landtag.sachsen-anhalt.de, shop.sternundkreis.de, www.limbach-oberfrohna.de, www.bkms-system.net, www.kaiserslautern.de, www.dortmund.de, reiner-haseloff.de, www.gladbeck.de, biddetail.com, www.vg-arendsee-kalbe.de
Dismissed Targets(20): www.vbb.de, www.nah.sh, fahrplan-bus-bahn.de, www.l.de, www.sbahn-hannover.de, www.bwegt.de, www.ruhrbahn.de, anmeldung.mdv-verbundgebiet.de, www.vrn.de, www.mvg.de, nahsh.tickeos.de, www.mdv-verbundgebiet.de, frontend-api.sbahn-hannover.de, start-ni-mitte.de, www.bahnhof.de, meine.bsag.de, www.vmv.de, www.uestra.de, www.rvf.de, www.baden-airpark.de

Detected attack on 2026-02-03_07-05-09

codabar@42de.it (Alfredo Terrone) — Tue, 03 Feb 2026 07:05:09 +0000

Noname057(16) has targeted various websites primarily located in Germany. The attacked sites include public transport services, local government portals, and regional information platforms. Key cities under attack include Dortmund, Gladbeck, and Zwickau, with a focus on transportation networks like VBB and MVV. Additionally, several federal and state government websites were also impacted.^{AI generated}
36 targets are under attack, 16 new targets and 20 targets from previous attack
New Targets(16): dtvp.de, shop.sternundkreis.de, www.zwickau.de, www.limbach-oberfrohna.de, www.bmi.bund.de, www.balm.bund.de, www.bkms-system.net, www.gladbeck.de, www.kaiserslautern.de, www.landtag.sachsen-anhalt.de, www.dortmund.de, reiner-haseloff.de, www.krone-trailer.com, biddetail.com, www.stmfh.bayern.de, www.vg-arendsee-kalbe.de
Targets from prev attack(20): www.baden-airpark.de, www.vbb.de, anmeldung.mdv-verbundgebiet.de, fahrplan-bus-bahn.de, www.vmv.de, www.mvg.de, www.mdv-verbundgebiet.de, www.ruhrbahn.de, www.vrn.de, www.bahnhof.de, www.rvf.de, meine.bsag.de, www.l.de, www.uestra.de, frontend-api.sbahn-hannover.de, nahsh.tickeos.de, www.nah.sh, www.bwegt.de, www.sbahn-hannover.de, start-ni-mitte.de
Dismissed Targets(8): merydian.kiev.ua, www.kvsz.com, www.materials.kiev.ua, www.orion.te.ua, temp3000.com, www.tor.gov.ua, lreri.tripod.com, www.ism.kiev.ua

Detected attack on 2026-02-02_11-05-11

codabar@42de.it (Alfredo Terrone) — Mon, 02 Feb 2026 11:05:11 +0000

The attacks attributed to noname057 primarily target transportation and public service websites in Germany and Ukraine. Key countries under attack include Germany, with numerous regional transport sites like www.ruhrbahn.de and www.vrn.de, and Ukraine, with significant sites such as www.tor.gov.ua and materials.kiev.ua. These attacks reflect a focus on disrupting essential services in these regions.^{AI generated}
28 targets are under attack, 8 new targets and 20 targets from previous attack
New Targets(8): www.tor.gov.ua, www.ism.kiev.ua, www.orion.te.ua, merydian.kiev.ua, www.kvsz.com, lreri.tripod.com, temp3000.com, www.materials.kiev.ua
Targets from prev attack(20): www.ruhrbahn.de, frontend-api.sbahn-hannover.de, nahsh.tickeos.de, start-ni-mitte.de, www.vrn.de, www.rvf.de, www.vbb.de, www.mdv-verbundgebiet.de, www.uestra.de, www.mvg.de, meine.bsag.de, fahrplan-bus-bahn.de, www.bahnhof.de, anmeldung.mdv-verbundgebiet.de, www.sbahn-hannover.de, www.bwegt.de, www.nah.sh, www.baden-airpark.de, www.vmv.de, www.l.de
Dismissed Targets(0):

Detected attack on 2026-02-02_08-10-09

codabar@42de.it (Alfredo Terrone) — Mon, 02 Feb 2026 08:10:09 +0000

The attacks attributed to noname057 primarily targeted public transportation websites in Germany. Key sites affected include various regional transport authorities and services, such as VBB, Bwegt, MDV, and several others, indicating a concentrated effort to disrupt transportation infrastructure in the country.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.vbb.de, www.bwegt.de, www.mdv-verbundgebiet.de, fahrplan-bus-bahn.de, www.ruhrbahn.de, www.uestra.de, www.l.de, www.vrn.de, meine.bsag.de, www.nah.sh, www.baden-airpark.de, www.rvf.de, www.sbahn-hannover.de, anmeldung.mdv-verbundgebiet.de, nahsh.tickeos.de, start-ni-mitte.de, www.bahnhof.de, www.vmv.de, frontend-api.sbahn-hannover.de, www.mvg.de
Targets from prev attack(0):
Dismissed Targets(16): hinaray.com, evolvedynamics.com, www.yorkshirewater.com, my.yorkshirewater.com, www.stirling.gov.uk, london-drone.co.uk, www.bristolonecity.com, www.wessexwater.co.uk, www.rail.co.uk, buckfastleigh.gov.uk, olsenactuators.com, nationwidedrones.co.uk, nationaljourneyplanner.travelinesw.com, login.yorkshirewater.com, thedrone.co, www.port-of-felixstowe.co.uk

Detected attack on 2026-02-01_07-10-08

codabar@42de.it (Alfredo Terrone) — Sun, 01 Feb 2026 07:10:08 +0000

The attacks attributed to noname057 primarily targeted websites in the United Kingdom. Key sectors affected include local government, water services, and transportation. Notable sites include buckfastleigh.gov.uk, wessexwater.co.uk, and rail.co.uk, highlighting the focus on essential public services and infrastructure. Other targeted sites include hinaray.com and evolvedynamics.com, indicating a broader range of interests.^{AI generated}
16 targets are under attack, 13 new targets and 3 targets from previous attack
New Targets(13): hinaray.com, thedrone.co, olsenactuators.com, www.wessexwater.co.uk, www.port-of-felixstowe.co.uk, www.yorkshirewater.com, evolvedynamics.com, nationaljourneyplanner.travelinesw.com, nationwidedrones.co.uk, my.yorkshirewater.com, london-drone.co.uk, www.bristolonecity.com, login.yorkshirewater.com
Targets from prev attack(3): buckfastleigh.gov.uk, www.stirling.gov.uk, www.rail.co.uk
Dismissed Targets(18): oneonline.bradford.gov.uk, www.cbi.org.uk, pa.eastcambs.gov.uk, www.theaccessbankukltd.co.uk, www.salford.gov.uk, britten-norman.com, www.g4s.com, my.trafford.gov.uk, www.southamptonvts.co.uk, www.blackburn.gov.uk, www.tameside.gov.uk, politics.leics.gov.uk, www.bury.gov.uk, www.keighley.gov.uk, youraccount.salford.gov.uk, www.heathrowexpress.com, www.trafford.gov.uk, www.harwichtowncouncil.co.uk

Detected attack on 2026-02-01_07-05-09

codabar@42de.it (Alfredo Terrone) — Sun, 01 Feb 2026 07:05:09 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom. Key sectors affected include local government sites, transportation services, and financial institutions. The attacks have impacted various regions, including East Cambridgeshire, Salford, Blackburn, Stirling, and several others, highlighting a concentrated effort against UK-based entities.^{AI generated}
21 targets are under attack, 3 new targets and 18 targets from previous attack
New Targets(3): buckfastleigh.gov.uk, www.stirling.gov.uk, www.rail.co.uk
Targets from prev attack(18): oneonline.bradford.gov.uk, www.cbi.org.uk, pa.eastcambs.gov.uk, www.theaccessbankukltd.co.uk, www.salford.gov.uk, britten-norman.com, www.g4s.com, www.bury.gov.uk, www.tameside.gov.uk, my.trafford.gov.uk, www.southamptonvts.co.uk, politics.leics.gov.uk, www.keighley.gov.uk, www.blackburn.gov.uk, youraccount.salford.gov.uk, www.heathrowexpress.com, www.trafford.gov.uk, www.harwichtowncouncil.co.uk
Dismissed Targets(0):

Detected attack on 2026-01-31_07-05-08

codabar@42de.it (Alfredo Terrone) — Sat, 31 Jan 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom. The attacked sites include local government portals, transportation services, and corporate entities. Key areas under attack include Greater Manchester, Southampton, and various councils across England. The attacks highlight a focus on both public sector and private sector organizations within the UK.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): www.bury.gov.uk, www.southamptonvts.co.uk, www.cbi.org.uk, britten-norman.com, politics.leics.gov.uk, www.salford.gov.uk, www.heathrowexpress.com, www.g4s.com, oneonline.bradford.gov.uk, www.tameside.gov.uk, www.trafford.gov.uk, www.keighley.gov.uk, my.trafford.gov.uk, www.blackburn.gov.uk, www.theaccessbankukltd.co.uk, youraccount.salford.gov.uk, www.harwichtowncouncil.co.uk, pa.eastcambs.gov.uk
Targets from prev attack(0):
Dismissed Targets(20): drone-division.com, www.derbyshire.gov.uk, secure.mipermit.com, redairmedia.co.uk, www.ukrniat.com, www.dss-ua.com, www.lightdynamix.co.uk, www.edinburghdronecompany.co.uk, yuzhmash.com, chess-dynamics.com, www.azot.com.ua, www.travelinesw.com, lansys.com.ua, staff.derbyshire.gov.uk, roboneers.net, aerialworx.co.uk, octavacapital.ua, amstor.com, gkn.com, qinetiq.com

Detected attack on 2026-01-30_17-30-09

codabar@42de.it (Alfredo Terrone) — Fri, 30 Jan 2026 17:30:09 +0000

The attacks attributed to noname057(16) primarily targeted websites in Ukraine and the United Kingdom. Key sectors affected include drone technology, defense, and local government services. Notable sites attacked include octavacapital.ua, gkn.com, and staff.derbyshire.gov.uk, highlighting the focus on both commercial and governmental entities in these regions.^{AI generated}
20 targets are under attack, 0 new targets and 20 targets from previous attack
New Targets(0):
Targets from prev attack(20): octavacapital.ua, roboneers.net, staff.derbyshire.gov.uk, drone-division.com, qinetiq.com, www.edinburghdronecompany.co.uk, www.dss-ua.com, gkn.com, amstor.com, www.derbyshire.gov.uk, www.ukrniat.com, www.travelinesw.com, lansys.com.ua, redairmedia.co.uk, aerialworx.co.uk, yuzhmash.com, www.lightdynamix.co.uk, www.azot.com.ua, chess-dynamics.com, secure.mipermit.com
Dismissed Targets(1): nationwidedrones.co.uk

Detected attack on 2026-01-30_17-25-10

codabar@42de.it (Alfredo Terrone) — Fri, 30 Jan 2026 17:25:10 +0000

Noname057(16) has targeted various websites primarily in Ukraine and the United Kingdom. Key sectors affected include finance, government, defense, and technology. The attacks have impacted organizations such as Octava Capital in Ukraine, Derbyshire County Council in the UK, and companies involved in drone technology and manufacturing, highlighting a focus on critical infrastructure and emerging technologies in these regions.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): octavacapital.ua, roboneers.net, staff.derbyshire.gov.uk, drone-division.com, qinetiq.com, www.edinburghdronecompany.co.uk, www.dss-ua.com, gkn.com, amstor.com, www.derbyshire.gov.uk, www.ukrniat.com, www.travelinesw.com, lansys.com.ua, redairmedia.co.uk, aerialworx.co.uk, yuzhmash.com, www.lightdynamix.co.uk, www.azot.com.ua, chess-dynamics.com, nationwidedrones.co.uk, secure.mipermit.com
Dismissed Targets(7): www.bristolonecity.com, nationaljourneyplanner.travelinesw.com, evolvedynamics.com, hinaray.com, london-drone.co.uk, olsenactuators.com, thedrone.co

Detected attack on 2026-01-30_11-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 30 Jan 2026 11:05:09 +0000

The attacks attributed to noname057(16) primarily targeted websites in the United Kingdom and Ukraine. Key sectors affected include government services, technology, and drone-related industries. Notable targets include local government sites, drone companies, and various organizations involved in transportation and engineering.^{AI generated}
28 targets are under attack, 8 new targets and 20 targets from previous attack
New Targets(8): roboneers.net, lansys.com.ua, www.azot.com.ua, amstor.com, yuzhmash.com, www.ukrniat.com, octavacapital.ua, www.dss-ua.com
Targets from prev attack(20): nationaljourneyplanner.travelinesw.com, thedrone.co, olsenactuators.com, www.derbyshire.gov.uk, www.lightdynamix.co.uk, chess-dynamics.com, gkn.com, qinetiq.com, secure.mipermit.com, redairmedia.co.uk, aerialworx.co.uk, www.bristolonecity.com, www.travelinesw.com, evolvedynamics.com, drone-division.com, www.edinburghdronecompany.co.uk, staff.derbyshire.gov.uk, hinaray.com, nationwidedrones.co.uk, london-drone.co.uk
Dismissed Targets(0):

Detected attack on 2026-01-30_07-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 30 Jan 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom, with notable examples including gkn.com, redairmedia.co.uk, and several local government and drone-related sites. Other affected sites span various sectors, indicating a diverse range of targets within the UK. Additionally, there is a presence of international targets, such as hinaray.com, suggesting a broader scope in the attack strategy.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): gkn.com, chess-dynamics.com, redairmedia.co.uk, nationaljourneyplanner.travelinesw.com, www.derbyshire.gov.uk, drone-division.com, staff.derbyshire.gov.uk, secure.mipermit.com, www.bristolonecity.com, thedrone.co, aerialworx.co.uk, qinetiq.com, olsenactuators.com, www.lightdynamix.co.uk, www.travelinesw.com, evolvedynamics.com, nationwidedrones.co.uk, www.edinburghdronecompany.co.uk, london-drone.co.uk, hinaray.com
Targets from prev attack(0):
Dismissed Targets(28): www.rada-poltava.gov.ua, www.holywood.goesglobal.com, www.niesr.ac.uk, www.stirling.gov.uk, www.wessexwater.co.uk, www.britishchambers.org.uk, www.heathrowexpress.com, www.gatwickexpress.com, dehavilland.co.uk, www.workingtontowncouncil.gov.uk, www.earley-tc.gov.uk, zp.gov.ua, www.g4s.com, awex.com.ua, mariupolrada.gov.ua, www.vmr.gov.ua, smr.gov.ua, buckfastleigh.gov.uk, login.yorkshirewater.com, www.trentbarton.co.uk, www.port-of-felixstowe.co.uk, chervonyi.com.ua, www.rail.co.uk, adm.dp.gov.ua, www.devon.gov.uk, www.southamptonvts.co.uk, loga.gov.ua, www.mta.org.uk

Detected attack on 2026-01-29_11-25-09

codabar@42de.it (Alfredo Terrone) — Thu, 29 Jan 2026 11:25:09 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom and Ukraine. Key sectors affected include local government services, transportation, and utilities. Notable sites include buckfastleigh.gov.uk and gatwickexpress.com from the UK, as well as several government and municipal sites from Ukraine, such as smr.gov.ua and rada-poltava.gov.ua.^{AI generated}
28 targets are under attack, 9 new targets and 19 targets from previous attack
New Targets(9): loga.gov.ua, adm.dp.gov.ua, awex.com.ua, chervonyi.com.ua, mariupolrada.gov.ua, zp.gov.ua, smr.gov.ua, www.vmr.gov.ua, www.rada-poltava.gov.ua
Targets from prev attack(19): buckfastleigh.gov.uk, www.rail.co.uk, www.holywood.goesglobal.com, dehavilland.co.uk, www.gatwickexpress.com, www.heathrowexpress.com, www.earley-tc.gov.uk, www.mta.org.uk, www.port-of-felixstowe.co.uk, www.workingtontowncouncil.gov.uk, www.trentbarton.co.uk, login.yorkshirewater.com, www.stirling.gov.uk, www.devon.gov.uk, www.wessexwater.co.uk, www.niesr.ac.uk, www.britishchambers.org.uk, www.g4s.com, www.southamptonvts.co.uk
Dismissed Targets(0):

Detected attack on 2026-01-29_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 29 Jan 2026 07:10:08 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom. The attacks have affected a range of sectors, including transportation, local government, and water services. Key sites under attack include major transport operators like Gatwick Express and rail services, as well as municipal websites such as Stirling and Devon councils. Other affected entities include water companies and organizations like British Chambers, indicating a broad interest in critical infrastructure and public services within the UK.^{AI generated}
19 targets are under attack, 13 new targets and 6 targets from previous attack
New Targets(13): dehavilland.co.uk, www.trentbarton.co.uk, www.britishchambers.org.uk, www.niesr.ac.uk, www.mta.org.uk, www.wessexwater.co.uk, www.workingtontowncouncil.gov.uk, www.g4s.com, www.holywood.goesglobal.com, www.southamptonvts.co.uk, login.yorkshirewater.com, www.gatwickexpress.com, www.port-of-felixstowe.co.uk
Targets from prev attack(6): www.rail.co.uk, www.earley-tc.gov.uk, buckfastleigh.gov.uk, www.heathrowexpress.com, www.devon.gov.uk, www.stirling.gov.uk
Dismissed Targets(27): erc.ua, spetstechnoexport.com, my.blackburn.gov.uk, nationalhighways.co.uk, www.wymetro.com, www.scottishwater.co.uk, www.morozov.com.ua, www.harwichtowncouncil.co.uk, my.yorkshirewater.com, www.trafford.gov.uk, www.energybrokers.co.uk, www.dwrcymru.com, www.eastmidlands-cca.gov.uk, my.suffolkchamber.co.uk, www.blackburn.gov.uk, www.ferrexpo.ua, www.yorkshirewater.com, exeter.gov.uk, www.icosawater.co.uk, www.suffolk.gov.uk, my.trafford.gov.uk, zmturbines.com, www.findmystreet.co.uk, www.suffolkchamber.co.uk, photopribor.ck.ua, aesgroup.com.ua, www.malyshevplant.com

Detected attack on 2026-01-29_07-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 29 Jan 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom and Ukraine. Key sectors affected include local government services, transportation, water utilities, and energy brokers. Notable countries under attack include the UK, with numerous local councils and public services, and Ukraine, with several industrial and export-related sites.^{AI generated}
33 targets are under attack, 6 new targets and 27 targets from previous attack
New Targets(6): www.rail.co.uk, www.earley-tc.gov.uk, buckfastleigh.gov.uk, www.heathrowexpress.com, www.devon.gov.uk, www.stirling.gov.uk
Targets from prev attack(27): erc.ua, spetstechnoexport.com, my.blackburn.gov.uk, nationalhighways.co.uk, www.wymetro.com, www.scottishwater.co.uk, www.morozov.com.ua, www.harwichtowncouncil.co.uk, my.yorkshirewater.com, www.trafford.gov.uk, www.energybrokers.co.uk, www.dwrcymru.com, www.eastmidlands-cca.gov.uk, my.suffolkchamber.co.uk, www.blackburn.gov.uk, www.ferrexpo.ua, www.yorkshirewater.com, exeter.gov.uk, www.icosawater.co.uk, www.suffolk.gov.uk, my.trafford.gov.uk, zmturbines.com, www.findmystreet.co.uk, www.suffolkchamber.co.uk, photopribor.ck.ua, aesgroup.com.ua, www.malyshevplant.com
Dismissed Targets(0):

Detected attack on 2026-01-28_13-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 13:10:09 +0000

The attacks attributed to noname057 primarily target websites from the United Kingdom and Ukraine. Key sectors affected include local government services, water management, and energy companies. Notable examples of attacked sites include various local councils in the UK, such as Trafford and Blackburn, as well as Ukrainian entities like Ferrexpo and Morozov. The attacks indicate a focus on critical infrastructure and public services in these regions.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.malyshevplant.com, my.suffolkchamber.co.uk, my.trafford.gov.uk, www.blackburn.gov.uk, www.trafford.gov.uk, www.suffolkchamber.co.uk, www.wymetro.com, www.morozov.com.ua, www.suffolk.gov.uk, www.ferrexpo.ua, www.harwichtowncouncil.co.uk, zmturbines.com, erc.ua, nationalhighways.co.uk, www.dwrcymru.com, www.yorkshirewater.com, my.blackburn.gov.uk, www.icosawater.co.uk, photopribor.ck.ua, www.energybrokers.co.uk, aesgroup.com.ua, exeter.gov.uk, my.yorkshirewater.com, spetstechnoexport.com, www.scottishwater.co.uk, www.eastmidlands-cca.gov.uk, www.findmystreet.co.uk
Dismissed Targets(0):

Detected attack on 2026-01-28_11-15-09

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 11:15:09 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom and Ukraine. Key sectors affected include local government services, water supply companies, and various public utilities. Notable countries under attack are the UK, with multiple local councils and water authorities being compromised, and Ukraine, with several industrial and governmental sites targeted.^{AI generated}
27 targets are under attack, 8 new targets and 19 targets from previous attack
New Targets(8): aesgroup.com.ua, www.ferrexpo.ua, spetstechnoexport.com, photopribor.ck.ua, erc.ua, www.morozov.com.ua, www.malyshevplant.com, zmturbines.com
Targets from prev attack(19): www.wymetro.com, www.harwichtowncouncil.co.uk, www.suffolk.gov.uk, www.icosawater.co.uk, exeter.gov.uk, my.suffolkchamber.co.uk, www.blackburn.gov.uk, my.yorkshirewater.com, www.trafford.gov.uk, www.suffolkchamber.co.uk, www.dwrcymru.com, www.findmystreet.co.uk, www.eastmidlands-cca.gov.uk, my.blackburn.gov.uk, www.yorkshirewater.com, nationalhighways.co.uk, www.scottishwater.co.uk, www.energybrokers.co.uk, my.trafford.gov.uk
Dismissed Targets(0):

Detected attack on 2026-01-28_11-12-16

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 11:12:16 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom. The attacked sites include local government and utility services, indicating a focus on critical infrastructure. Key regions under attack include Yorkshire, Suffolk, and areas served by local councils such as Trafford and Blackburn. The assaults suggest a coordinated effort to disrupt public services and access to essential information.^{AI generated}
19 targets are under attack, 0 new targets and 19 targets from previous attack
New Targets(0):
Targets from prev attack(19): www.wymetro.com, www.harwichtowncouncil.co.uk, www.suffolk.gov.uk, www.icosawater.co.uk, exeter.gov.uk, my.suffolkchamber.co.uk, www.blackburn.gov.uk, my.yorkshirewater.com, www.trafford.gov.uk, www.suffolkchamber.co.uk, www.dwrcymru.com, www.findmystreet.co.uk, www.eastmidlands-cca.gov.uk, my.blackburn.gov.uk, www.yorkshirewater.com, nationalhighways.co.uk, www.scottishwater.co.uk, www.energybrokers.co.uk, my.trafford.gov.uk
Dismissed Targets(8): aesgroup.com.ua, www.ferrexpo.ua, spetstechnoexport.com, photopribor.ck.ua, erc.ua, www.morozov.com.ua, www.malyshevplant.com, zmturbines.com

Detected attack on 2026-01-28_11-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 11:05:09 +0000

The recent attacks attributed to noname057 primarily targeted websites in the United Kingdom and Ukraine. Key countries under attack include the UK, with numerous local government and utility websites such as eastmidlands-cca.gov.uk, suffolkchamber.co.uk, and scottishwater.co.uk, alongside various municipal and regional services. In Ukraine, sites like photopribor.ck.ua and malyshevplant.com were also affected, indicating a focus on critical infrastructure and local governance in these regions.^{AI generated}
27 targets are under attack, 8 new targets and 19 targets from previous attack
New Targets(8): photopribor.ck.ua, erc.ua, aesgroup.com.ua, www.malyshevplant.com, zmturbines.com, spetstechnoexport.com, www.ferrexpo.ua, www.morozov.com.ua
Targets from prev attack(19): www.eastmidlands-cca.gov.uk, www.suffolkchamber.co.uk, www.harwichtowncouncil.co.uk, my.yorkshirewater.com, exeter.gov.uk, www.scottishwater.co.uk, www.dwrcymru.com, www.energybrokers.co.uk, my.blackburn.gov.uk, www.wymetro.com, www.blackburn.gov.uk, www.trafford.gov.uk, nationalhighways.co.uk, www.suffolk.gov.uk, www.yorkshirewater.com, www.icosawater.co.uk, www.findmystreet.co.uk, my.suffolkchamber.co.uk, my.trafford.gov.uk
Dismissed Targets(0):

Detected attack on 2026-01-28_07-25-09

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 07:25:09 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom. Key sectors affected include local government, water services, and transportation, with notable sites such as Blackburn, Trafford, and various water utility companies being compromised.^{AI generated}
19 targets are under attack, 1 new targets and 18 targets from previous attack
New Targets(1): www.yorkshirewater.com
Targets from prev attack(18): www.energybrokers.co.uk, www.icosawater.co.uk, my.suffolkchamber.co.uk, www.blackburn.gov.uk, www.harwichtowncouncil.co.uk, www.eastmidlands-cca.gov.uk, exeter.gov.uk, www.suffolkchamber.co.uk, www.scottishwater.co.uk, www.suffolk.gov.uk, www.trafford.gov.uk, nationalhighways.co.uk, my.blackburn.gov.uk, www.findmystreet.co.uk, www.wymetro.com, my.yorkshirewater.com, my.trafford.gov.uk, www.dwrcymru.com
Dismissed Targets(0):

Detected attack on 2026-01-28_07-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 07:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in the United Kingdom. Key sectors affected include local government, transportation, and utilities, with notable attacks on sites like exeter.gov.uk, nationalhighways.co.uk, and scottishwater.co.uk.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): www.icosawater.co.uk, www.findmystreet.co.uk, www.eastmidlands-cca.gov.uk, exeter.gov.uk, www.blackburn.gov.uk, www.wymetro.com, my.suffolkchamber.co.uk, www.scottishwater.co.uk, nationalhighways.co.uk, www.dwrcymru.com, my.yorkshirewater.com, www.trafford.gov.uk, www.harwichtowncouncil.co.uk, my.blackburn.gov.uk, www.suffolkchamber.co.uk, www.energybrokers.co.uk, www.suffolk.gov.uk, my.trafford.gov.uk
Targets from prev attack(0):
Dismissed Targets(21): tochprilad.com, sparing-vist.ua, www.portsmouth.gov.uk, www.tameside.gov.uk, athlonavia.com, ukrjet.ua, deviro.ua, www.mossley-council.co.uk, www.autokraz.com.ua, youraccount.salford.gov.uk, www.bury.gov.uk, oneonline.bradford.gov.uk, chezara-telemetria.com, www.salford.gov.uk, www.dudley.gov.uk, www.keighley.gov.uk, www.cardiff.gov.uk, www.dacorum.gov.uk, www.southtyneside.info, www.hertfordshire.gov.uk, www.azot.com.ua

Detected attack on 2026-01-28_06-05-10

codabar@42de.it (Alfredo Terrone) — Wed, 28 Jan 2026 06:05:10 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom and Ukraine. Notable UK sites include various local government and council websites such as Cardiff, Dudley, and Portsmouth. In Ukraine, the focus is on sites like Ukrjet, Azot, and Autokraz, indicating a significant interest in both governmental and industrial entities in these countries.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): www.cardiff.gov.uk, ukrjet.ua, www.dudley.gov.uk, www.azot.com.ua, www.dacorum.gov.uk, www.hertfordshire.gov.uk, www.mossley-council.co.uk, oneonline.bradford.gov.uk, www.tameside.gov.uk, www.bury.gov.uk, deviro.ua, chezara-telemetria.com, tochprilad.com, athlonavia.com, www.autokraz.com.ua, www.portsmouth.gov.uk, www.salford.gov.uk, sparing-vist.ua, youraccount.salford.gov.uk, www.keighley.gov.uk, www.southtyneside.info
Dismissed Targets(1): www.liverpool.gov.uk

Detected attack on 2026-01-27_11-05-11

codabar@42de.it (Alfredo Terrone) — Tue, 27 Jan 2026 11:05:11 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom and Ukraine. The main countries under attack include the UK, with numerous local government websites such as those from Dacorum, Salford, Hertfordshire, Liverpool, and Cardiff. Additionally, several Ukrainian sites, including autokraz.com.ua and azot.com.ua, have also been compromised. The attacks appear to focus on local government and industry-related websites in these regions.^{AI generated}
22 targets are under attack, 8 new targets and 14 targets from previous attack
New Targets(8): tochprilad.com, sparing-vist.ua, www.autokraz.com.ua, www.azot.com.ua, ukrjet.ua, athlonavia.com, chezara-telemetria.com, deviro.ua
Targets from prev attack(14): oneonline.bradford.gov.uk, www.dacorum.gov.uk, www.southtyneside.info, www.bury.gov.uk, youraccount.salford.gov.uk, www.tameside.gov.uk, www.hertfordshire.gov.uk, www.salford.gov.uk, www.portsmouth.gov.uk, www.dudley.gov.uk, www.liverpool.gov.uk, www.keighley.gov.uk, www.mossley-council.co.uk, www.cardiff.gov.uk
Dismissed Targets(0):

Detected attack on 2026-01-27_07-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 27 Jan 2026 07:05:08 +0000

The sites attacked by noname057(16) primarily belong to local government authorities in the United Kingdom. Key regions under attack include Liverpool, Salford, Dacorum, Portsmouth, Cardiff, Keighley, Hertfordshire, Mossley, South Tyneside, Dudley, Tameside, Bury, and Bradford.^{AI generated}
14 targets are under attack, 14 new targets and 0 targets from previous attack
New Targets(14): www.liverpool.gov.uk, youraccount.salford.gov.uk, www.dacorum.gov.uk, www.portsmouth.gov.uk, www.cardiff.gov.uk, www.keighley.gov.uk, www.hertfordshire.gov.uk, www.salford.gov.uk, www.mossley-council.co.uk, www.southtyneside.info, www.dudley.gov.uk, www.tameside.gov.uk, www.bury.gov.uk, oneonline.bradford.gov.uk
Targets from prev attack(0):
Dismissed Targets(35): www.oxfordbus.co.uk, www.nationalrail.co.uk, mbt.sumy.ua, www.cbi.org.uk, pa.eastcambs.gov.uk, book.aferry.com, vak.com.ua, hdsc.org.uk, www.hastings.gov.uk, mytsy.travelsouthyorkshire.com, jp.merseytravel.gov.uk, my.swiftcard.org.uk, myloan.shawbrook.co.uk, everest24.com.ua, disnet.com.ua, pribor.zp.ua, www.travelsouthyorkshire.com, edinburghtrams.com, tks.sumy.ua, www.bacb.co.uk, www.poferries.com, sitv.com.ua, politics.leics.gov.uk, www.harwich-society.co.uk, esavings.shawbrook.co.uk, www.northlinkferries.co.uk, www.walthamabbey-tc.gov.uk, www.lothianbuses.com, www.coleshilltowncouncil.gov.uk, www.reading-buses.co.uk, www.theaccessbankukltd.co.uk, tec.dp.ua, nadu.com.ua, triolan.com, britten-norman.com

Detected attack on 2026-01-26_11-05-28

codabar@42de.it (Alfredo Terrone) — Mon, 26 Jan 2026 11:05:28 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom and Ukraine. Notable sectors affected include local government, transportation services, and financial institutions. Key countries under attack are the UK, with numerous local councils and transport companies targeted, and Ukraine, where various regional services and businesses have been impacted.^{AI generated}
35 targets are under attack, 10 new targets and 25 targets from previous attack
New Targets(10): pribor.zp.ua, tks.sumy.ua, mbt.sumy.ua, tec.dp.ua, everest24.com.ua, vak.com.ua, disnet.com.ua, triolan.com, sitv.com.ua, nadu.com.ua
Targets from prev attack(25): www.coleshilltowncouncil.gov.uk, www.bacb.co.uk, book.aferry.com, pa.eastcambs.gov.uk, www.travelsouthyorkshire.com, www.harwich-society.co.uk, www.lothianbuses.com, politics.leics.gov.uk, edinburghtrams.com, www.hastings.gov.uk, my.swiftcard.org.uk, www.oxfordbus.co.uk, www.poferries.com, www.theaccessbankukltd.co.uk, www.walthamabbey-tc.gov.uk, myloan.shawbrook.co.uk, jp.merseytravel.gov.uk, britten-norman.com, hdsc.org.uk, www.reading-buses.co.uk, www.cbi.org.uk, www.northlinkferries.co.uk, www.nationalrail.co.uk, mytsy.travelsouthyorkshire.com, esavings.shawbrook.co.uk
Dismissed Targets(0):

Detected attack on 2026-01-26_07-10-09

codabar@42de.it (Alfredo Terrone) — Mon, 26 Jan 2026 07:10:09 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom. Key sectors affected include public transportation, local government, and banking services. Notable sites under attack include various regional transport authorities, local councils, and financial institutions, indicating a focus on critical infrastructure and public services within the UK.^{AI generated}
25 targets are under attack, 21 new targets and 4 targets from previous attack
New Targets(21): jp.merseytravel.gov.uk, www.reading-buses.co.uk, www.northlinkferries.co.uk, www.travelsouthyorkshire.com, esavings.shawbrook.co.uk, book.aferry.com, myloan.shawbrook.co.uk, britten-norman.com, edinburghtrams.com, www.bacb.co.uk, www.lothianbuses.com, my.swiftcard.org.uk, www.oxfordbus.co.uk, mytsy.travelsouthyorkshire.com, www.poferries.com, www.cbi.org.uk, www.hastings.gov.uk, hdsc.org.uk, www.theaccessbankukltd.co.uk, www.harwich-society.co.uk, www.nationalrail.co.uk
Targets from prev attack(4): www.coleshilltowncouncil.gov.uk, politics.leics.gov.uk, www.walthamabbey-tc.gov.uk, pa.eastcambs.gov.uk
Dismissed Targets(21): portal.mmhk.cz, www.zetor.cz, apiagentura.gov.cz, www.gemin.cz, www.havirov-city.cz, sshr.gov.cz, zakazky.lompraha.cz, www.crr.cz, www.ote-cr.cz, zakazky.vlada.cz, www.allotender.cz, zakazky.spravazeleznic.cz, gfr.ezak.cz, www.vinegret.cz, zakazky.nukib.cz, silnicelk.cz, vdb.czso.cz, ezak.allotender.cz, zakazky.cendis.cz, www.susuh.cz, pid.cz

Detected attack on 2026-01-26_07-05-11

codabar@42de.it (Alfredo Terrone) — Mon, 26 Jan 2026 07:05:11 +0000

Noname057(16) has targeted various websites primarily in the Czech Republic and the United Kingdom. The main countries under attack include the Czech Republic, with numerous government and local authority sites affected, and the UK, where local council websites have been compromised. The attacks highlight a focus on both public administration and local governance platforms.^{AI generated}
25 targets are under attack, 4 new targets and 21 targets from previous attack
New Targets(4): www.coleshilltowncouncil.gov.uk, politics.leics.gov.uk, www.walthamabbey-tc.gov.uk, pa.eastcambs.gov.uk
Targets from prev attack(21): portal.mmhk.cz, www.zetor.cz, apiagentura.gov.cz, www.gemin.cz, www.havirov-city.cz, sshr.gov.cz, zakazky.lompraha.cz, www.crr.cz, www.ote-cr.cz, zakazky.spravazeleznic.cz, zakazky.vlada.cz, www.allotender.cz, gfr.ezak.cz, www.vinegret.cz, zakazky.nukib.cz, silnicelk.cz, vdb.czso.cz, ezak.allotender.cz, zakazky.cendis.cz, www.susuh.cz, pid.cz
Dismissed Targets(0):

Detected attack on 2026-01-25_07-05-10

codabar@42de.it (Alfredo Terrone) — Sun, 25 Jan 2026 07:05:10 +0000

Noname057(16) has targeted various websites primarily in the Czech Republic. The attacked sites include government platforms, public procurement portals, and local municipal websites, indicating a focus on critical infrastructure and public services within the country.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): pid.cz, www.ote-cr.cz, ezak.allotender.cz, www.zetor.cz, apiagentura.gov.cz, gfr.ezak.cz, silnicelk.cz, portal.mmhk.cz, www.gemin.cz, vdb.czso.cz, zakazky.nukib.cz, zakazky.spravazeleznic.cz, www.crr.cz, zakazky.lompraha.cz, www.allotender.cz, zakazky.cendis.cz, www.havirov-city.cz, www.susuh.cz, zakazky.vlada.cz, sshr.gov.cz, www.vinegret.cz
Targets from prev attack(0):
Dismissed Targets(21): portal.liberec.cz, exporters.czechtrade.gov.cz, www.prg.aero, isvz.nipez.cz, nen.nipez.cz, www.liberec.cz, mpostrava.cz, stredoceskykraj.cz, www.kr-vysocina.cz, www.khk.cz, portal-vz.cz, www.kraj-jihocesky.cz, aerospace.czechinvest.org, www.policie.cz, www.czechtrade.gov.cz, prumyslovezony.czechinvest.org, notes.czechinvest.org, skd.nipez.cz, www.plzensky-kraj.cz, www.olkraj.cz, klient.czechtrade.gov.cz

Detected attack on 2026-01-25_06-10-09

codabar@42de.it (Alfredo Terrone) — Sun, 25 Jan 2026 06:10:09 +0000

Noname057(16) has primarily targeted websites in the Czech Republic, including government and regional portals. Key sites attacked include those related to investment, trade, and local government, indicating a focus on critical infrastructure and public services within the country.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): prumyslovezony.czechinvest.org, portal-vz.cz, www.policie.cz, www.kraj-jihocesky.cz, portal.liberec.cz, www.olkraj.cz, www.prg.aero, www.czechtrade.gov.cz, klient.czechtrade.gov.cz, mpostrava.cz, www.kr-vysocina.cz, www.khk.cz, skd.nipez.cz, exporters.czechtrade.gov.cz, stredoceskykraj.cz, nen.nipez.cz, www.plzensky-kraj.cz, www.liberec.cz, isvz.nipez.cz, aerospace.czechinvest.org, notes.czechinvest.org
Dismissed Targets(1): isop-vpn.czechinvest.org

Detected attack on 2026-01-24_07-05-09

codabar@42de.it (Alfredo Terrone) — Sat, 24 Jan 2026 07:05:09 +0000

The attacks attributed to noname057 primarily target websites in the Czech Republic. Key sectors affected include government, trade, and aerospace, with various regional and national institutions being compromised. The attacks highlight vulnerabilities within Czech governmental and trade-related platforms.^{AI generated}
22 targets are under attack, 22 new targets and 0 targets from previous attack
New Targets(22): aerospace.czechinvest.org, www.liberec.cz, www.plzensky-kraj.cz, klient.czechtrade.gov.cz, nen.nipez.cz, www.kr-vysocina.cz, exporters.czechtrade.gov.cz, www.policie.cz, isvz.nipez.cz, skd.nipez.cz, www.prg.aero, portal.liberec.cz, portal-vz.cz, prumyslovezony.czechinvest.org, www.khk.cz, www.kraj-jihocesky.cz, www.czechtrade.gov.cz, mpostrava.cz, notes.czechinvest.org, www.olkraj.cz, isop-vpn.czechinvest.org, stredoceskykraj.cz
Targets from prev attack(0):
Dismissed Targets(25): www.financnisprava.cz, lemtrans.com.ua, adisspr.mfcr.cz, danovakobra.gov.cz, www.mojedatovaschranka.cz, lansys.com.ua, www.ukrniat.com, www.excaliburarmy.cz, www.kb.cz, www.srdsc.com, www.krruda.dp.ua, www.tajmac-zps.cz, yuzhmash.com, azocm.postavschiki.ua, arlinnovation.cz, www.finmag.cz, www.dia.gov.cz, www.cez.cz, manurhin.tajmac-zps.cz, www.uohs.cz, www.dss-ua.com, amstor.com, www.kurzy.cz, celnisprava.gov.cz, keramet.com.ua

Detected attack on 2026-01-23_16-15-09

codabar@42de.it (Alfredo Terrone) — Fri, 23 Jan 2026 16:15:09 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and the Czech Republic. Key sectors affected include government services, financial institutions, and various industries, indicating a focus on disrupting critical infrastructure and information systems in these regions.^{AI generated}
25 targets are under attack, 0 new targets and 25 targets from previous attack
New Targets(0):
Targets from prev attack(25): www.ukrniat.com, yuzhmash.com, www.kurzy.cz, www.dia.gov.cz, amstor.com, www.dss-ua.com, www.srdsc.com, manurhin.tajmac-zps.cz, celnisprava.gov.cz, www.tajmac-zps.cz, keramet.com.ua, www.cez.cz, azocm.postavschiki.ua, www.mojedatovaschranka.cz, www.finmag.cz, www.kb.cz, lansys.com.ua, adisspr.mfcr.cz, arlinnovation.cz, www.uohs.cz, danovakobra.gov.cz, www.krruda.dp.ua, www.financnisprava.cz, www.excaliburarmy.cz, lemtrans.com.ua
Dismissed Targets(4): www.ote-cr.cz, www.allotender.cz, ezak.allotender.cz, www.zetor.cz

Detected attack on 2026-01-23_11-05-11

codabar@42de.it (Alfredo Terrone) — Fri, 23 Jan 2026 11:05:11 +0000

Noname057(16) has targeted various websites primarily in Ukraine and the Czech Republic. The attacks include sites related to government, finance, and industry, indicating a focus on critical infrastructure and services. Key countries under attack are Ukraine, with multiple sites like amstor.com and lemtrans.com.ua, and the Czech Republic, featuring sites such as cz, allotender.cz, and financnisprava.cz.^{AI generated}
29 targets are under attack, 10 new targets and 19 targets from previous attack
New Targets(10): www.ukrniat.com, yuzhmash.com, www.krruda.dp.ua, lemtrans.com.ua, azocm.postavschiki.ua, lansys.com.ua, amstor.com, www.dss-ua.com, keramet.com.ua, www.srdsc.com
Targets from prev attack(19): www.zetor.cz, www.allotender.cz, www.tajmac-zps.cz, www.mojedatovaschranka.cz, www.uohs.cz, www.kurzy.cz, www.ote-cr.cz, ezak.allotender.cz, www.excaliburarmy.cz, www.cez.cz, www.financnisprava.cz, manurhin.tajmac-zps.cz, www.dia.gov.cz, www.finmag.cz, www.kb.cz, danovakobra.gov.cz, arlinnovation.cz, adisspr.mfcr.cz, celnisprava.gov.cz
Dismissed Targets(0):

Detected attack on 2026-01-23_07-10-08

codabar@42de.it (Alfredo Terrone) — Fri, 23 Jan 2026 07:10:08 +0000

The attacks by noname057 primarily targeted websites in the Czech Republic. Key sectors affected include government services, finance, and technology. Notable attacked sites include the Ministry of the Interior, the Financial Administration, and various public and private institutions, indicating a focus on critical infrastructure and public services within the country.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): www.dia.gov.cz, celnisprava.gov.cz, www.ote-cr.cz, www.allotender.cz, www.kurzy.cz, www.financnisprava.cz, www.tajmac-zps.cz, arlinnovation.cz, www.cez.cz, adisspr.mfcr.cz, www.zetor.cz, manurhin.tajmac-zps.cz, www.mojedatovaschranka.cz, www.excaliburarmy.cz, www.uohs.cz, danovakobra.gov.cz, ezak.allotender.cz, www.finmag.cz, www.kb.cz
Targets from prev attack(0):
Dismissed Targets(31): komnbor.rada.gov.ua, www.justice.cz, silnicelk.cz, system.pid.cz, komzakonpr.rada.gov.ua, mpolicie.c-budejovice.cz, komtrans.rada.gov.ua, mapa.pid.cz, www.suskm.cz, pardubice.eu, www.havirov-city.cz, kompravpol.rada.gov.ua, kompek.rada.gov.ua, komfinbank.rada.gov.ua, eportal.pardubice.eu, www.c-budejovice.cz, www.zlin.eu, www.mesto-most.cz, mzv.gov.cz, verejne-zakazky-zadavatele.ezak.cz, pid.cz, www.susuh.cz, kompravlud.rada.gov.ua, www.mestokladno.cz, komsamovr.rada.gov.ua, mze.gov.cz, www.hradeckralove.org, www.mpo.gov.cz, www.senat.cz, portal.mmhk.cz, smlouvy.gov.cz

Detected attack on 2026-01-22_11-15-08

codabar@42de.it (Alfredo Terrone) — Thu, 22 Jan 2026 11:15:08 +0000

The attacks by noname057 primarily targeted websites in the Czech Republic and Ukraine. Notable targets include government and municipal sites such as the Ministry of the Interior of the Czech Republic, various regional administrations, and public service portals. The attacks highlight a focus on critical infrastructure and public services in these countries.^{AI generated}
31 targets are under attack, 7 new targets and 24 targets from previous attack
New Targets(7): kompravlud.rada.gov.ua, komtrans.rada.gov.ua, komzakonpr.rada.gov.ua, komnbor.rada.gov.ua, kompravpol.rada.gov.ua, komsamovr.rada.gov.ua, kompek.rada.gov.ua
Targets from prev attack(24): www.mpo.gov.cz, www.justice.cz, smlouvy.gov.cz, portal.mmhk.cz, www.c-budejovice.cz, verejne-zakazky-zadavatele.ezak.cz, www.zlin.eu, silnicelk.cz, mze.gov.cz, pardubice.eu, eportal.pardubice.eu, www.hradeckralove.org, www.havirov-city.cz, www.susuh.cz, mzv.gov.cz, www.suskm.cz, mpolicie.c-budejovice.cz, komfinbank.rada.gov.ua, www.mesto-most.cz, www.senat.cz, mapa.pid.cz, www.mestokladno.cz, system.pid.cz, pid.cz
Dismissed Targets(0):

Detected attack on 2026-01-22_11-05-22

codabar@42de.it (Alfredo Terrone) — Thu, 22 Jan 2026 11:05:22 +0000

The attacks by noname057(16) primarily targeted websites in the Czech Republic, including government and municipal sites. Notable sites affected include silnicelk.cz, senat.cz, and mze.gov.cz, indicating a focus on public institutions. Additionally, the attacks extended to some Ukrainian sites, such as komfinbank.rada.gov.ua, highlighting a broader regional impact. Overall, the main countries under attack appear to be the Czech Republic and Ukraine.^{AI generated}
24 targets are under attack, 1 new targets and 23 targets from previous attack
New Targets(1): komfinbank.rada.gov.ua
Targets from prev attack(23): silnicelk.cz, www.senat.cz, www.havirov-city.cz, www.suskm.cz, pid.cz, eportal.pardubice.eu, mapa.pid.cz, verejne-zakazky-zadavatele.ezak.cz, www.mpo.gov.cz, system.pid.cz, www.zlin.eu, www.susuh.cz, mze.gov.cz, portal.mmhk.cz, www.c-budejovice.cz, smlouvy.gov.cz, www.hradeckralove.org, mpolicie.c-budejovice.cz, www.mestokladno.cz, pardubice.eu, mzv.gov.cz, www.justice.cz, www.mesto-most.cz
Dismissed Targets(0):

Detected attack on 2026-01-22_07-10-13

codabar@42de.it (Alfredo Terrone) — Thu, 22 Jan 2026 07:10:13 +0000

The websites targeted by noname057 include various government and municipal sites primarily from the Czech Republic. Key attacked entities involve the Ministry of Foreign Affairs, local city governments, and public procurement portals, indicating a focus on governmental infrastructure within the country.^{AI generated}
23 targets are under attack, 23 new targets and 0 targets from previous attack
New Targets(23): www.mpo.gov.cz, www.mestokladno.cz, mzv.gov.cz, verejne-zakazky-zadavatele.ezak.cz, www.mesto-most.cz, www.susuh.cz, mpolicie.c-budejovice.cz, www.hradeckralove.org, mze.gov.cz, portal.mmhk.cz, www.senat.cz, pardubice.eu, www.suskm.cz, smlouvy.gov.cz, www.c-budejovice.cz, system.pid.cz, pid.cz, mapa.pid.cz, www.havirov-city.cz, www.justice.cz, www.zlin.eu, silnicelk.cz, eportal.pardubice.eu
Targets from prev attack(0):
Dismissed Targets(26): zakazky.nukib.cz, zakazky.caa.cz, www.morozov.com.ua, ezak.cz, www.gemin.cz, zakazky.eru.gov.cz, www.mvcr.cz, www.malyshevplant.com, www.test.khadb.kh.ua, www.kza.com.ua, financnigramotnost.mfcr.cz, zakazky.spravazeleznic.cz, zakazky.cendis.cz, mfcr.ezak.cz, zakazky.vlada.cz, apiagentura.gov.cz, sshr.gov.cz, zakazky.sshr.cz, zakazky.cesnet.cz, spetstechnoexport.com, apao.mfcr.cz, www.iskra.zp.ua, zmturbines.com, zakazky.lompraha.cz, gfr.ezak.cz, www.ferrexpo.ua

Detected attack on 2026-01-22_06-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 22 Jan 2026 06:05:08 +0000

The attacks by noname057(16) primarily targeted websites in Ukraine and the Czech Republic. Key sites affected include various governmental and commercial platforms, indicating a focus on critical infrastructure and public services in these countries.^{AI generated}
26 targets are under attack, 0 new targets and 26 targets from previous attack
New Targets(0):
Targets from prev attack(26): www.kza.com.ua, zakazky.vlada.cz, ezak.cz, www.iskra.zp.ua, www.test.khadb.kh.ua, www.ferrexpo.ua, spetstechnoexport.com, zakazky.sshr.cz, zakazky.eru.gov.cz, zakazky.cesnet.cz, zakazky.spravazeleznic.cz, www.morozov.com.ua, www.malyshevplant.com, zmturbines.com, zakazky.caa.cz, mfcr.ezak.cz, gfr.ezak.cz, sshr.gov.cz, financnigramotnost.mfcr.cz, zakazky.cendis.cz, zakazky.lompraha.cz, www.gemin.cz, www.mvcr.cz, apao.mfcr.cz, apiagentura.gov.cz, zakazky.nukib.cz
Dismissed Targets(1): www.mfcr.cz

Detected attack on 2026-01-21_11-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 21 Jan 2026 11:05:09 +0000

The attacks attributed to noname057 primarily target websites in the Czech Republic and Ukraine. Key sectors affected include government agencies, financial institutions, and various private companies. Notable sites include those of the Czech Ministry of Finance, several Ukrainian businesses, and various procurement platforms.^{AI generated}
27 targets are under attack, 8 new targets and 19 targets from previous attack
New Targets(8): www.ferrexpo.ua, www.morozov.com.ua, www.kza.com.ua, www.iskra.zp.ua, www.test.khadb.kh.ua, spetstechnoexport.com, www.malyshevplant.com, zmturbines.com
Targets from prev attack(19): mfcr.ezak.cz, gfr.ezak.cz, www.gemin.cz, zakazky.eru.gov.cz, financnigramotnost.mfcr.cz, zakazky.spravazeleznic.cz, ezak.cz, zakazky.cendis.cz, zakazky.lompraha.cz, zakazky.caa.cz, zakazky.cesnet.cz, www.mfcr.cz, zakazky.vlada.cz, www.mvcr.cz, apao.mfcr.cz, apiagentura.gov.cz, sshr.gov.cz, zakazky.nukib.cz, zakazky.sshr.cz
Dismissed Targets(0):

Detected attack on 2026-01-21_07-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 21 Jan 2026 07:05:09 +0000

The sites attacked by noname057(16) primarily belong to the Czech Republic. Key institutions targeted include various government and public procurement websites, indicating a focus on disrupting governmental operations and services.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): apao.mfcr.cz, zakazky.cendis.cz, ezak.cz, www.mfcr.cz, financnigramotnost.mfcr.cz, www.mvcr.cz, zakazky.nukib.cz, zakazky.lompraha.cz, zakazky.vlada.cz, zakazky.sshr.cz, zakazky.eru.gov.cz, zakazky.spravazeleznic.cz, gfr.ezak.cz, sshr.gov.cz, zakazky.caa.cz, apiagentura.gov.cz, mfcr.ezak.cz, zakazky.cesnet.cz, www.gemin.cz
Targets from prev attack(0):
Dismissed Targets(25): aerospace.czechinvest.org, www.crr.cz, exporters.czechtrade.gov.cz, www.mo.gov.cz, www.bis.cz, www.vinegret.cz, www.ism.kiev.ua, www.european-transfers.cz, acr.mo.gov.cz, www.czechtrade.gov.cz, mise.mo.gov.cz, www.orion.te.ua, optak.gov.cz, prumyslovezony.czechinvest.org, klient.czechtrade.gov.cz, pribor.zp.ua, vdb.czso.cz, www.materials.kiev.ua, www.pse.cz, temp3000.com, lreri.tripod.com, www.policie.cz, notes.czechinvest.org, dip.gov.cz, merydian.kiev.ua

Detected attack on 2026-01-21_06-05-08

codabar@42de.it (Alfredo Terrone) — Wed, 21 Jan 2026 06:05:08 +0000

The attacks attributed to noname057(16) primarily targeted websites in the Czech Republic and Ukraine. Key sectors affected include government, trade, and investment-related sites, indicating a focus on disrupting national infrastructure and economic activities. Notable domains include various Czech government and trade organizations, as well as Ukrainian entities, highlighting the geopolitical tensions in the region.^{AI generated}
25 targets are under attack, 0 new targets and 25 targets from previous attack
New Targets(0):
Targets from prev attack(25): lreri.tripod.com, www.crr.cz, www.czechtrade.gov.cz, temp3000.com, notes.czechinvest.org, exporters.czechtrade.gov.cz, www.european-transfers.cz, www.orion.te.ua, klient.czechtrade.gov.cz, merydian.kiev.ua, acr.mo.gov.cz, www.vinegret.cz, dip.gov.cz, www.mo.gov.cz, pribor.zp.ua, vdb.czso.cz, www.bis.cz, www.ism.kiev.ua, optak.gov.cz, mise.mo.gov.cz, prumyslovezony.czechinvest.org, www.materials.kiev.ua, www.pse.cz, www.policie.cz, aerospace.czechinvest.org
Dismissed Targets(1): isop-vpn.czechinvest.org

Detected attack on 2026-01-20_11-10-07

codabar@42de.it (Alfredo Terrone) — Tue, 20 Jan 2026 11:10:07 +0000

The attacks by noname057 primarily target websites in the Czech Republic and Ukraine. Key sectors affected include trade, government, and various industries, with notable entities such as CzechTrade, the Ministry of Agriculture, and local Ukrainian organizations being compromised.^{AI generated}
26 targets are under attack, 7 new targets and 19 targets from previous attack
New Targets(7): temp3000.com, www.orion.te.ua, lreri.tripod.com, www.ism.kiev.ua, pribor.zp.ua, merydian.kiev.ua, www.materials.kiev.ua
Targets from prev attack(19): www.vinegret.cz, exporters.czechtrade.gov.cz, www.mo.gov.cz, dip.gov.cz, acr.mo.gov.cz, prumyslovezony.czechinvest.org, www.crr.cz, klient.czechtrade.gov.cz, vdb.czso.cz, notes.czechinvest.org, www.bis.cz, www.european-transfers.cz, optak.gov.cz, www.pse.cz, www.policie.cz, www.czechtrade.gov.cz, isop-vpn.czechinvest.org, mise.mo.gov.cz, aerospace.czechinvest.org
Dismissed Targets(0):

Detected attack on 2026-01-20_07-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 20 Jan 2026 07:10:08 +0000

The attacks attributed to noname057 primarily target websites in the Czech Republic. Key sectors affected include government, trade, and law enforcement, with notable domains such as czechinvest.org, czechtrade.gov.cz, and policie.cz among those compromised. The focus on these sites indicates an interest in disrupting national infrastructure and economic activities within the country.^{AI generated}
19 targets are under attack, 19 new targets and 0 targets from previous attack
New Targets(19): aerospace.czechinvest.org, www.crr.cz, www.czechtrade.gov.cz, mise.mo.gov.cz, www.policie.cz, www.european-transfers.cz, dip.gov.cz, www.mo.gov.cz, vdb.czso.cz, exporters.czechtrade.gov.cz, notes.czechinvest.org, isop-vpn.czechinvest.org, klient.czechtrade.gov.cz, www.bis.cz, acr.mo.gov.cz, optak.gov.cz, www.vinegret.cz, prumyslovezony.czechinvest.org, www.pse.cz
Targets from prev attack(0):
Dismissed Targets(28): alfagarant.com, www.grawe.ua, www.khk.cz, ftp.prg.aero, nen.nipez.cz, www.csadplzen.cz, mpostrava.cz, insurance.vidi.ua, stredoceskykraj.cz, portal.liberec.cz, www.liberec.cz, www.kraj-jihocesky.cz, www.busin.com.ua, www.tsml.cz, www.frydekmistek.cz, www.aska-life.com.ua, skd.nipez.cz, www.plzensky-kraj.cz, isvz.nipez.cz, www.kr-vysocina.cz, askods.com, velta.kiev.ua, www.prg.aero, skveles.kiev.ua, pidlitacka.cz, portal-vz.cz, www.olkraj.cz, brno-turany-airport.taxi-transfers.cz

Detected attack on 2026-01-19_11-05-09

codabar@42de.it (Alfredo Terrone) — Mon, 19 Jan 2026 11:05:09 +0000

The attacks by noname057(16) primarily target websites in the Czech Republic and Ukraine. Key affected sites include various regional and municipal websites from the Czech Republic, such as skd.nipez.cz, khk.cz, and plzensky-kraj.cz. In Ukraine, sites like skveles.kiev.ua and velta.kiev.ua have been compromised. The attacks highlight a focus on local government and service-related platforms in these two countries.^{AI generated}
28 targets are under attack, 8 new targets and 20 targets from previous attack
New Targets(8): skveles.kiev.ua, insurance.vidi.ua, www.aska-life.com.ua, www.grawe.ua, askods.com, alfagarant.com, www.busin.com.ua, velta.kiev.ua
Targets from prev attack(20): skd.nipez.cz, www.khk.cz, www.tsml.cz, www.frydekmistek.cz, portal-vz.cz, isvz.nipez.cz, www.plzensky-kraj.cz, nen.nipez.cz, www.kraj-jihocesky.cz, www.prg.aero, www.csadplzen.cz, ftp.prg.aero, brno-turany-airport.taxi-transfers.cz, mpostrava.cz, www.liberec.cz, www.kr-vysocina.cz, pidlitacka.cz, stredoceskykraj.cz, portal.liberec.cz, www.olkraj.cz
Dismissed Targets(0):

Detected attack on 2026-01-19_07-05-08

codabar@42de.it (Alfredo Terrone) — Mon, 19 Jan 2026 07:05:08 +0000

The attacks by noname057(16) primarily targeted websites in the Czech Republic. Key cities affected include Frydek-Mistek, Plzen, Brno, and Liberec. The attacks impacted various sectors, including transportation, regional government, and local services.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.frydekmistek.cz, www.csadplzen.cz, brno-turany-airport.taxi-transfers.cz, mpostrava.cz, www.khk.cz, ftp.prg.aero, skd.nipez.cz, www.liberec.cz, www.kraj-jihocesky.cz, portal-vz.cz, isvz.nipez.cz, pidlitacka.cz, www.plzensky-kraj.cz, www.prg.aero, www.olkraj.cz, www.kr-vysocina.cz, portal.liberec.cz, www.tsml.cz, stredoceskykraj.cz, nen.nipez.cz
Targets from prev attack(0):
Dismissed Targets(18): www.cenzin.com, pho.pl, www.nowytarg.pl, www.powiatzary.pl, sklep.stomil-bydgoszcz.pl, www.lubelskie.pl, ochrona.orlen.pl, www.slaskie.pl, obrum.pl, www.powiat.kielce.pl, www.zmt.tarnow.pl, mazovia.pl, wolomin.org, skm.warszawa.pl, www.kielce.uw.gov.pl, krs-pobierz.pl, mazowieckie.com.pl, www.kielce.eu

Detected attack on 2026-01-18_07-10-08

codabar@42de.it (Alfredo Terrone) — Sun, 18 Jan 2026 07:10:08 +0000

The attacks attributed to noname057 primarily target websites in Poland. Key regions under attack include Silesia, Mazovia, and Lubusz, with various local government and transportation sites being affected. The attacks highlight a specific focus on Polish institutions and services.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): www.slaskie.pl, www.cenzin.com, mazovia.pl, mazowieckie.com.pl, www.powiatzary.pl, www.nowytarg.pl, skm.warszawa.pl, pho.pl, www.kielce.eu, obrum.pl, www.kielce.uw.gov.pl, sklep.stomil-bydgoszcz.pl, www.powiat.kielce.pl, www.lubelskie.pl, wolomin.org, www.zmt.tarnow.pl, ochrona.orlen.pl, krs-pobierz.pl
Targets from prev attack(0):
Dismissed Targets(17): www.mpk.poznan.pl, www.blik.com, dezamet.com.pl, umwd.dolnyslask.pl, www.powiat.tarnow.pl, www.powiat.zgierz.pl, gamrat.pl, www.krakow.pl, www.nowysacz.pl, www.miasto.zgierz.pl, www.orlen.pl, warmia.mazury.pl, powiat.krakow.pl, nowosadecki.iap.pl, www.erzeszow.pl, elta.com.pl, www.malopolskie.pl

Detected attack on 2026-01-17_07-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 17 Jan 2026 07:10:08 +0000

Noname057(16) has targeted various websites primarily located in Poland. The attacked sites include municipal and regional government portals, as well as companies in sectors like energy and transportation. Key cities under attack include Erzeszów, Kraków, and Poznań, reflecting a focus on local governance and infrastructure.^{AI generated}
17 targets are under attack, 0 new targets and 17 targets from previous attack
New Targets(0):
Targets from prev attack(17): www.erzeszow.pl, www.malopolskie.pl, www.orlen.pl, www.mpk.poznan.pl, powiat.krakow.pl, www.krakow.pl, www.powiat.tarnow.pl, gamrat.pl, www.nowysacz.pl, elta.com.pl, dezamet.com.pl, www.powiat.zgierz.pl, nowosadecki.iap.pl, www.blik.com, warmia.mazury.pl, www.miasto.zgierz.pl, umwd.dolnyslask.pl
Dismissed Targets(6): yuzhmash.com, octavacapital.ua, roboneers.net, www.ukrniat.com, szczecin.eu, polishdefenceindustry.gov.pl

Detected attack on 2026-01-17_07-05-08

codabar@42de.it (Alfredo Terrone) — Sat, 17 Jan 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Poland and Ukraine. The main countries under attack include Poland, with numerous local government and defense-related sites compromised, and Ukraine, with attacks on both private and public sector websites. These incidents highlight the ongoing cyber threats faced by these nations, particularly in the context of geopolitical tensions.^{AI generated}
23 targets are under attack, 17 new targets and 6 targets from previous attack
New Targets(17): www.erzeszow.pl, www.malopolskie.pl, www.orlen.pl, www.mpk.poznan.pl, powiat.krakow.pl, www.krakow.pl, www.powiat.tarnow.pl, gamrat.pl, www.nowysacz.pl, elta.com.pl, dezamet.com.pl, www.powiat.zgierz.pl, nowosadecki.iap.pl, www.blik.com, warmia.mazury.pl, www.miasto.zgierz.pl, umwd.dolnyslask.pl
Targets from prev attack(6): yuzhmash.com, octavacapital.ua, roboneers.net, www.ukrniat.com, szczecin.eu, polishdefenceindustry.gov.pl
Dismissed Targets(17): www.dss-ua.com, www.azot.com.ua, www.orlenpoludnie.pl, transport.orlen.pl, powiat.klodzko.pl, vc.orlen.pl, lansys.com.ua, serwis.orlen.pl, www.opolskie.pl, www.kujawsko-pomorskie.pl, www.um.klodzko.pl, www.orange.pl, projekt.orlen.pl, amstor.com, paliwa.orlen.pl, anwil.orlen.pl, azocm.postavschiki.ua

Detected attack on 2026-01-16_16-05-10

codabar@42de.it (Alfredo Terrone) — Fri, 16 Jan 2026 16:05:10 +0000

The attacks by noname057(16) primarily targeted websites in Poland and Ukraine. Key sectors affected include transportation, energy, and local government services. Notable Polish sites include those related to the Orlen Group and various regional government portals. Ukrainian targets include transportation and industrial sites, reflecting a focus on critical infrastructure in both countries.^{AI generated}
23 targets are under attack, 0 new targets and 23 targets from previous attack
New Targets(0):
Targets from prev attack(23): vc.orlen.pl, powiat.klodzko.pl, lansys.com.ua, transport.orlen.pl, www.kujawsko-pomorskie.pl, roboneers.net, yuzhmash.com, amstor.com, www.dss-ua.com, www.orange.pl, www.orlenpoludnie.pl, projekt.orlen.pl, anwil.orlen.pl, www.ukrniat.com, paliwa.orlen.pl, azocm.postavschiki.ua, serwis.orlen.pl, www.opolskie.pl, www.um.klodzko.pl, polishdefenceindustry.gov.pl, www.azot.com.ua, octavacapital.ua, szczecin.eu
Dismissed Targets(6): sklep.stomil-bydgoszcz.pl, ochrona.orlen.pl, krs-pobierz.pl, wolomin.org, mazovia.pl, www.nowytarg.pl

Detected attack on 2026-01-16_11-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 16 Jan 2026 11:05:08 +0000

The attacks attributed to noname057 primarily target websites in Poland and Ukraine. Key sectors affected include telecommunications, local government, transportation, and defense. The attackers have focused on both public institutions and private companies, highlighting a strategic interest in critical infrastructure and regional stability.^{AI generated}
29 targets are under attack, 9 new targets and 20 targets from previous attack
New Targets(9): amstor.com, roboneers.net, octavacapital.ua, azocm.postavschiki.ua, yuzhmash.com, www.dss-ua.com, www.azot.com.ua, lansys.com.ua, www.ukrniat.com
Targets from prev attack(20): www.orange.pl, ochrona.orlen.pl, krs-pobierz.pl, www.um.klodzko.pl, transport.orlen.pl, powiat.klodzko.pl, mazovia.pl, anwil.orlen.pl, wolomin.org, polishdefenceindustry.gov.pl, paliwa.orlen.pl, serwis.orlen.pl, www.nowytarg.pl, www.orlenpoludnie.pl, www.opolskie.pl, vc.orlen.pl, www.kujawsko-pomorskie.pl, projekt.orlen.pl, szczecin.eu, sklep.stomil-bydgoszcz.pl
Dismissed Targets(0):

Detected attack on 2026-01-16_07-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 16 Jan 2026 07:05:08 +0000

The attacks attributed to noname057 primarily target websites in Poland. Key affected domains include municipal sites such as szczecin.eu and www.um.klodzko.pl, as well as various regional and governmental platforms like kujawsko-pomorskie.pl and polishdefenceindustry.gov.pl. Additionally, several sites related to the Orlen Group, a major Polish oil and gas company, have been compromised, including projekt.orlen.pl and sklep.stomil-bydgoszcz.pl. Overall, the attacks reflect a concentrated focus on Polish institutions and industries.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): szczecin.eu, www.um.klodzko.pl, www.kujawsko-pomorskie.pl, projekt.orlen.pl, mazovia.pl, ochrona.orlen.pl, anwil.orlen.pl, www.nowytarg.pl, paliwa.orlen.pl, www.orange.pl, polishdefenceindustry.gov.pl, wolomin.org, krs-pobierz.pl, serwis.orlen.pl, powiat.klodzko.pl, www.opolskie.pl, transport.orlen.pl, vc.orlen.pl, www.orlenpoludnie.pl, sklep.stomil-bydgoszcz.pl
Targets from prev attack(0):
Dismissed Targets(27): www.bieszczadzki.pl, www.czarnabialostocka.pl, loga.gov.ua, www.vmr.gov.ua, www.powiat.kielce.pl, www.kielce.eu, smr.gov.ua, www.poznan.pl, www.czestochowa.pl, lublin.eu, www.sosnowiec.pl, zp.gov.ua, www.powiat.lublin.pl, www.slaskie.pl, www.wejherowo.pl, adm.dp.gov.ua, www.poznan.uw.gov.pl, www.kartuzy.pl, kartuskipowiat.pl, www.kielce.uw.gov.pl, ustrzyki-dolne.pl, www.lubelskie.pl, www.rada-poltava.gov.ua, www.opole.pl, mariupolrada.gov.ua, www.powiatzary.pl, lubuskie.pl

Detected attack on 2026-01-15_11-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 15 Jan 2026 11:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Ukraine and Poland. Key Ukrainian sites include various government and local administrative portals, such as those from Poltava, Lviv, and Mariupol. In Poland, the attacks affected regional and municipal websites, including those from Lubusz, Silesia, and the city of Poznań. Overall, the focus of these attacks highlights a significant cyber threat landscape in Eastern Europe, particularly affecting governmental and administrative functions.^{AI generated}
27 targets are under attack, 7 new targets and 20 targets from previous attack
New Targets(7): www.rada-poltava.gov.ua, adm.dp.gov.ua, zp.gov.ua, smr.gov.ua, www.vmr.gov.ua, loga.gov.ua, mariupolrada.gov.ua
Targets from prev attack(20): www.lubelskie.pl, www.slaskie.pl, www.kartuzy.pl, www.czestochowa.pl, lubuskie.pl, www.poznan.uw.gov.pl, www.kielce.uw.gov.pl, www.powiat.kielce.pl, www.sosnowiec.pl, www.poznan.pl, www.powiatzary.pl, www.bieszczadzki.pl, www.czarnabialostocka.pl, www.powiat.lublin.pl, www.opole.pl, kartuskipowiat.pl, lublin.eu, www.kielce.eu, www.wejherowo.pl, ustrzyki-dolne.pl
Dismissed Targets(0):

Detected attack on 2026-01-15_07-05-09

codabar@42de.it (Alfredo Terrone) — Thu, 15 Jan 2026 07:05:09 +0000

The attacks by noname057(16) primarily targeted websites in Poland. Key cities under attack include Wejherowo, Czarna Białostocka, Sosnowiec, Zary, Kartuzy, Lublin, Częstochowa, Opole, Kielce, and Poznań. The attacks affected various regional and local government sites, indicating a focus on Polish administrative and municipal online presence.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.wejherowo.pl, www.czarnabialostocka.pl, www.sosnowiec.pl, www.powiatzary.pl, kartuskipowiat.pl, lublin.eu, www.czestochowa.pl, www.opole.pl, www.kielce.eu, www.poznan.pl, www.powiat.kielce.pl, www.poznan.uw.gov.pl, www.slaskie.pl, www.powiat.lublin.pl, www.lubelskie.pl, www.kielce.uw.gov.pl, www.bieszczadzki.pl, lubuskie.pl, ustrzyki-dolne.pl, www.kartuzy.pl
Targets from prev attack(0):
Dismissed Targets(28): www.zmt.tarnow.pl, zdm-przemysl.com, www.srdsc.com, energa-oswietlenie.pl, keramet.com.ua, obrum.pl, www.cenzin.com, rafineriagdanska.pl, zkr.com.ua, www.pzlmielec.pl, www.energa-kogeneracja.pl, www.krruda.dp.ua, www.tor.gov.ua, lotosgeonafta.pl, www.test.khadb.kh.ua, pho.pl, stomil-bydgoszcz.pl, www.kza.com.ua, www.maskpol.com.pl, lemtrans.com.ua, mazowieckie.com.pl, energa-wytwarzanie.pl, www.abw.gov.pl, www.kvsz.com, skm.warszawa.pl, www.iskra.zp.ua, energaostroleka.pl, www.mesko.com.pl

Detected attack on 2026-01-14_11-05-10

codabar@42de.it (Alfredo Terrone) — Wed, 14 Jan 2026 11:05:10 +0000

The attacks attributed to noname057(16) primarily target websites in Poland and Ukraine. Notable Polish sites include zmt.tarnow.pl, energaostroleka.pl, and mazowieckie.com.pl, while Ukrainian sites include keramet.com.ua, lemtrans.com.ua, and iskra.zp.ua. The attacks seem to focus on various sectors, including energy, transportation, and government services.^{AI generated}
28 targets are under attack, 10 new targets and 18 targets from previous attack
New Targets(10): www.krruda.dp.ua, keramet.com.ua, www.test.khadb.kh.ua, www.iskra.zp.ua, www.tor.gov.ua, zkr.com.ua, lemtrans.com.ua, www.kvsz.com, www.kza.com.ua, www.srdsc.com
Targets from prev attack(18): energaostroleka.pl, www.maskpol.com.pl, mazowieckie.com.pl, www.zmt.tarnow.pl, www.energa-kogeneracja.pl, rafineriagdanska.pl, skm.warszawa.pl, www.mesko.com.pl, zdm-przemysl.com, energa-oswietlenie.pl, www.abw.gov.pl, lotosgeonafta.pl, stomil-bydgoszcz.pl, www.pzlmielec.pl, www.cenzin.com, obrum.pl, energa-wytwarzanie.pl, pho.pl
Dismissed Targets(0):

Detected attack on 2026-01-14_07-10-07

codabar@42de.it (Alfredo Terrone) — Wed, 14 Jan 2026 07:10:07 +0000

The primary countries targeted by the attacks attributed to noname057(16) include Poland, as evidenced by the numerous Polish websites compromised. Notable sectors affected include energy, defense, and manufacturing, with sites such as lotosgeonafta.pl, energa-kogeneracja.pl, and abw.gov.pl being among the victims.^{AI generated}
18 targets are under attack, 16 new targets and 2 targets from previous attack
New Targets(16): lotosgeonafta.pl, stomil-bydgoszcz.pl, www.pzlmielec.pl, zdm-przemysl.com, www.maskpol.com.pl, pho.pl, www.cenzin.com, www.energa-kogeneracja.pl, energa-oswietlenie.pl, energa-wytwarzanie.pl, www.abw.gov.pl, energaostroleka.pl, skm.warszawa.pl, mazowieckie.com.pl, rafineriagdanska.pl, obrum.pl
Targets from prev attack(2): www.zmt.tarnow.pl, www.mesko.com.pl
Dismissed Targets(25): dezamet.com.pl, tochprilad.com, www.mpk.poznan.pl, ukrjet.ua, chezara-telemetria.com, www.inowroclaw.powiat.pl, athlonavia.com, www.blik.com, gamrat.pl, www.azot.com.ua, deviro.ua, login.play.pl, elta.com.pl, pcosa.com.pl, www.belma.pl, sparing-vist.ua, telesystem.eu, www.play.pl, www.pitradwar.com, www.bumar.gliwice.pl, warmia.mazury.pl, umwd.dolnyslask.pl, www.autokraz.com.ua, www.erzeszow.pl, www.nitrochem.com.pl

Detected attack on 2026-01-14_07-05-08

codabar@42de.it (Alfredo Terrone) — Wed, 14 Jan 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Poland and Ukraine. The main countries under attack include Poland, with numerous sites such as dezamet.com.pl, mpk.poznan.pl, and play.pl, as well as Ukraine, with targets like ukrjet.ua and azot.com.ua. Other affected sites include those related to transportation, telecommunications, and local government services.^{AI generated}
27 targets are under attack, 2 new targets and 25 targets from previous attack
New Targets(2): www.zmt.tarnow.pl, www.mesko.com.pl
Targets from prev attack(25): dezamet.com.pl, tochprilad.com, www.mpk.poznan.pl, ukrjet.ua, chezara-telemetria.com, www.inowroclaw.powiat.pl, athlonavia.com, www.blik.com, gamrat.pl, www.azot.com.ua, deviro.ua, login.play.pl, elta.com.pl, pcosa.com.pl, www.belma.pl, sparing-vist.ua, telesystem.eu, www.play.pl, www.pitradwar.com, www.bumar.gliwice.pl, warmia.mazury.pl, umwd.dolnyslask.pl, www.autokraz.com.ua, www.erzeszow.pl, www.nitrochem.com.pl
Dismissed Targets(0):

Detected attack on 2026-01-13_11-05-09

codabar@42de.it (Alfredo Terrone) — Tue, 13 Jan 2026 11:05:09 +0000

Detected attack on 2026-01-13_07-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 13 Jan 2026 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Poland. The attacked sites include municipal, industrial, and telecommunications platforms, indicating a focus on critical infrastructure and local services. Key sectors affected are local government, chemical production, telecommunications, and transportation.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): umwd.dolnyslask.pl, pcosa.com.pl, www.nitrochem.com.pl, www.bumar.gliwice.pl, warmia.mazury.pl, www.inowroclaw.powiat.pl, gamrat.pl, dezamet.com.pl, elta.com.pl, www.blik.com, www.mpk.poznan.pl, www.play.pl, www.pitradwar.com, telesystem.eu, www.erzeszow.pl, www.belma.pl, login.play.pl
Targets from prev attack(0):
Dismissed Targets(30): www.malopolskie.pl, neptun.orlen.pl, www.miasto.zgierz.pl, eko.orlen.pl, energia.orlen.pl, ukrspecexport.com, aviation.orlen.pl, www.krakow.pl, cs.orlen.pl, www.ferrexpo.ua, www.malyshevplant.com, www.nowysacz.pl, ivchenko-progress.com, powiat.krakow.pl, www.morozov.com.ua, erc.ua, budonaft.orlen.pl, cuk.orlen.pl, administracja.orlen.pl, nowosadecki.iap.pl, asfalt.orlen.pl, www.powiat.zgierz.pl, zmturbines.com, spetstechnoexport.com, www.orlen.pl, www.nowotarski.pl, www.tarnow.pl, aesgroup.com.ua, www.powiat.tarnow.pl, photopribor.ck.ua

Detected attack on 2026-01-12_11-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 12 Jan 2026 11:10:08 +0000

The attacks attributed to noname057 primarily targeted websites in Poland and Ukraine. Key sectors affected include local government sites, energy companies, and various industrial organizations. Notable Polish cities under attack include Tarnów, Nowy Sącz, and Kraków, while Ukrainian targets included multiple industrial and export-related entities.^{AI generated}
30 targets are under attack, 10 new targets and 20 targets from previous attack
New Targets(10): ukrspecexport.com, www.ferrexpo.ua, spetstechnoexport.com, zmturbines.com, www.malyshevplant.com, ivchenko-progress.com, aesgroup.com.ua, erc.ua, www.morozov.com.ua, photopribor.ck.ua
Targets from prev attack(20): www.malopolskie.pl, cuk.orlen.pl, www.tarnow.pl, nowosadecki.iap.pl, www.powiat.zgierz.pl, budonaft.orlen.pl, www.nowysacz.pl, www.nowotarski.pl, asfalt.orlen.pl, cs.orlen.pl, administracja.orlen.pl, eko.orlen.pl, www.powiat.tarnow.pl, aviation.orlen.pl, www.miasto.zgierz.pl, www.orlen.pl, energia.orlen.pl, powiat.krakow.pl, neptun.orlen.pl, www.krakow.pl
Dismissed Targets(0):

Detected attack on 2026-01-12_07-15-07

codabar@42de.it (Alfredo Terrone) — Mon, 12 Jan 2026 07:15:07 +0000

The attacks by noname057(16) primarily target websites in Poland, focusing on various sectors including energy, local government, and administration. Notable sites affected include those associated with Orlen, a major energy company, as well as municipal websites from regions like Tarnów, Nowy Sącz, and Kraków.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): energia.orlen.pl, nowosadecki.iap.pl, cuk.orlen.pl, www.powiat.tarnow.pl, www.nowotarski.pl, www.nowysacz.pl, asfalt.orlen.pl, administracja.orlen.pl, www.malopolskie.pl, budonaft.orlen.pl, www.orlen.pl, aviation.orlen.pl, powiat.krakow.pl, www.powiat.zgierz.pl, cs.orlen.pl, www.krakow.pl, eko.orlen.pl, www.miasto.zgierz.pl, www.tarnow.pl, neptun.orlen.pl
Targets from prev attack(0):
Dismissed Targets(11): www.coventrybuildingsociety.co.uk, www.rail.co.uk, www.eastsuffolk.gov.uk, www.dover.gov.uk, pa.eastcambs.gov.uk, www.brandonsuffolk.com, tdcdemocracy.tendringdc.gov.uk, www.suffolkchamber.co.uk, www.harwichtowncouncil.co.uk, www.stirling.gov.uk, resident.dacorum.gov.uk

Detected attack on 2026-01-12_06-15-08

codabar@42de.it (Alfredo Terrone) — Mon, 12 Jan 2026 06:15:08 +0000

The sites attacked by noname057 include various organizations and local government entities primarily from the United Kingdom. Key targeted areas are financial services, transportation, and local councils, indicating a focus on public and community services. The principal countries under attack are the UK, specifically regions like Coventry, Stirling, and Suffolk.^{AI generated}
11 targets are under attack, 0 new targets and 11 targets from previous attack
New Targets(0):
Targets from prev attack(11): www.coventrybuildingsociety.co.uk, www.rail.co.uk, www.stirling.gov.uk, pa.eastcambs.gov.uk, www.brandonsuffolk.com, www.harwichtowncouncil.co.uk, tdcdemocracy.tendringdc.gov.uk, www.suffolkchamber.co.uk, www.eastsuffolk.gov.uk, resident.dacorum.gov.uk, www.dover.gov.uk
Dismissed Targets(1): politics.leics.gov.uk

Detected attack on 2026-01-11_07-05-08

codabar@42de.it (Alfredo Terrone) — Sun, 11 Jan 2026 07:05:08 +0000

The attacks by noname057(16) have primarily targeted websites in the United Kingdom. Key sectors affected include local government sites, chambers of commerce, and financial institutions. Notable targets include Suffolk Chamber, various local councils such as Stirling and Harwich, and organizations like Coventry Building Society. These attacks highlight a focus on regional and municipal entities within the UK.^{AI generated}
12 targets are under attack, 12 new targets and 0 targets from previous attack
New Targets(12): www.suffolkchamber.co.uk, www.stirling.gov.uk, www.rail.co.uk, www.coventrybuildingsociety.co.uk, www.harwichtowncouncil.co.uk, tdcdemocracy.tendringdc.gov.uk, resident.dacorum.gov.uk, pa.eastcambs.gov.uk, politics.leics.gov.uk, www.dover.gov.uk, www.eastsuffolk.gov.uk, www.brandonsuffolk.com
Targets from prev attack(0):
Dismissed Targets(12): www.aldermore.co.uk, www.dacorum.gov.uk, www.eelga.gov.uk, www.leumiuk.com, www.salford.gov.uk, www.hastings.gov.uk, www.dudley.gov.uk, www.southtyneside.info, www.blackburn.gov.uk, youraccount.salford.gov.uk, oneonline.bradford.gov.uk, www.tameside.gov.uk

Detected attack on 2026-01-10_07-05-09

codabar@42de.it (Alfredo Terrone) — Sat, 10 Jan 2026 07:05:09 +0000

The attacks by noname057 primarily targeted websites belonging to local government authorities and financial institutions in the United Kingdom. Key affected regions include Dudley, Salford, South Tyneside, Tameside, Hastings, Dacorum, Blackburn, and financial services in Aldermore and Leumi UK. These attacks highlight a focus on public sector and financial entities within the UK.^{AI generated}
12 targets are under attack, 12 new targets and 0 targets from previous attack
New Targets(12): www.dudley.gov.uk, www.salford.gov.uk, www.southtyneside.info, www.eelga.gov.uk, www.aldermore.co.uk, www.leumiuk.com, www.tameside.gov.uk, oneonline.bradford.gov.uk, youraccount.salford.gov.uk, www.hastings.gov.uk, www.dacorum.gov.uk, www.blackburn.gov.uk
Targets from prev attack(0):
Dismissed Targets(15): www.devon.gov.uk, www.g4s.com, www.heathrowexpress.com, www.gatwickexpress.com, www.britishchambers.org.uk, www.workingtontowncouncil.gov.uk, dehavilland.co.uk, www.mta.org.uk, www.holywood.goesglobal.com, buckfastleigh.gov.uk, www.niesr.ac.uk, www.harwich-society.co.uk, www.earley-tc.gov.uk, www.port-of-felixstowe.co.uk, www.southamptonvts.co.uk

Detected attack on 2026-01-09_13-40-09

codabar@42de.it (Alfredo Terrone) — Fri, 09 Jan 2026 13:40:09 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom. Key sectors affected include local government, transportation, and various organizations, with notable sites including town councils, transportation services, and national organizations.^{AI generated}
15 targets are under attack, 0 new targets and 15 targets from previous attack
New Targets(0):
Targets from prev attack(15): www.earley-tc.gov.uk, www.gatwickexpress.com, www.holywood.goesglobal.com, www.mta.org.uk, www.workingtontowncouncil.gov.uk, www.southamptonvts.co.uk, www.devon.gov.uk, www.g4s.com, dehavilland.co.uk, buckfastleigh.gov.uk, www.harwich-society.co.uk, www.heathrowexpress.com, www.port-of-felixstowe.co.uk, www.niesr.ac.uk, www.britishchambers.org.uk
Dismissed Targets(1): www.stirling.gov.uk

Detected attack on 2026-01-09_13-35-10

codabar@42de.it (Alfredo Terrone) — Fri, 09 Jan 2026 13:35:10 +0000

The attacks attributed to noname057 primarily target websites in the United Kingdom. Key sectors affected include local government, transportation, and various organizations, indicating a focus on public services and infrastructure. Notable sites include those of local councils, transportation services, and educational institutions, highlighting the vulnerabilities within these sectors.^{AI generated}
16 targets are under attack, 0 new targets and 16 targets from previous attack
New Targets(0):
Targets from prev attack(16): www.earley-tc.gov.uk, www.gatwickexpress.com, www.holywood.goesglobal.com, www.mta.org.uk, www.workingtontowncouncil.gov.uk, www.southamptonvts.co.uk, www.devon.gov.uk, www.g4s.com, dehavilland.co.uk, buckfastleigh.gov.uk, www.stirling.gov.uk, www.harwich-society.co.uk, www.heathrowexpress.com, www.port-of-felixstowe.co.uk, www.niesr.ac.uk, www.britishchambers.org.uk
Dismissed Targets(1): www.rail.co.uk

Detected attack on 2026-01-09_07-05-09

codabar@42de.it (Alfredo Terrone) — Fri, 09 Jan 2026 07:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in the United Kingdom. Key sectors affected include transportation, local government, and various organizations, with notable sites such as Gatwick Express, Heathrow Express, and multiple local council websites. The attacks highlight vulnerabilities in critical infrastructure and public services across the UK.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.devon.gov.uk, www.britishchambers.org.uk, www.gatwickexpress.com, www.stirling.gov.uk, www.workingtontowncouncil.gov.uk, www.mta.org.uk, www.g4s.com, dehavilland.co.uk, www.holywood.goesglobal.com, www.heathrowexpress.com, buckfastleigh.gov.uk, www.earley-tc.gov.uk, www.harwich-society.co.uk, www.southamptonvts.co.uk, www.rail.co.uk, www.port-of-felixstowe.co.uk, www.niesr.ac.uk
Targets from prev attack(0):
Dismissed Targets(17): www.harwichharbourferry.com, www.merlinscottassociates.co.uk, www.suffolkpublicrightsofway.org.uk, www.eastsuffolk.gov.uk, tdcdemocracy.tendringdc.gov.uk, felixstowe.gov.uk, www.northeast-ca.gov.uk, www.brandonsuffolk.com, www.dover.gov.uk, www.defenceimagery.mod.uk, www.suffolkchamber.co.uk, parking.bristolairport.co.uk, www.findmystreet.co.uk, my.suffolkchamber.co.uk, www.newmarket.gov.uk, alnwick-tc.gov.uk, www.hullcc.gov.uk

Detected attack on 2026-01-08_07-15-19

codabar@42de.it (Alfredo Terrone) — Thu, 08 Jan 2026 07:15:19 +0000

The sites attacked by noname057(16) primarily belong to local government and community organizations in the United Kingdom. Key targets include various councils and public service websites in England, particularly in regions such as Suffolk, Essex, and the Northeast. The attacks highlight a focus on local governance and public services, affecting accessibility for residents and visitors in these areas.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.eastsuffolk.gov.uk, www.northeast-ca.gov.uk, my.suffolkchamber.co.uk, www.newmarket.gov.uk, www.defenceimagery.mod.uk, www.harwichharbourferry.com, www.hullcc.gov.uk, parking.bristolairport.co.uk, www.suffolkchamber.co.uk, www.brandonsuffolk.com, www.suffolkpublicrightsofway.org.uk, www.dover.gov.uk, tdcdemocracy.tendringdc.gov.uk, www.findmystreet.co.uk, felixstowe.gov.uk, alnwick-tc.gov.uk, www.merlinscottassociates.co.uk
Targets from prev attack(0):
Dismissed Targets(18): www.suffolk.gov.uk, bankline.securebusiness.rbs.co.uk, nationalhighways.co.uk, hdsc.org.uk, www.walthamabbey-tc.gov.uk, www.aldermore.co.uk, www.harwichtowncouncil.co.uk, www.coventrybuildingsociety.co.uk, www.bacb.co.uk, www.nationwide.co.uk, pa.eastcambs.gov.uk, www.blme.com, resident.dacorum.gov.uk, invest.rbs.co.uk, www.leumiuk.com, www.albionwater.co.uk, www.rbs.co.uk, brownshipley.com

Detected attack on 2026-01-07_07-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 07 Jan 2026 07:10:09 +0000

NoName057(16) has targeted various websites primarily in the United Kingdom. The list of attacked sites includes financial institutions, local government portals, and public services, indicating a focus on sectors that manage sensitive data and critical infrastructure. The main countries under attack are the UK, with a significant emphasis on banking and local government entities.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): brownshipley.com, www.aldermore.co.uk, hdsc.org.uk, www.coventrybuildingsociety.co.uk, www.rbs.co.uk, nationalhighways.co.uk, www.albionwater.co.uk, pa.eastcambs.gov.uk, invest.rbs.co.uk, www.bacb.co.uk, www.nationwide.co.uk, resident.dacorum.gov.uk, www.blme.com, www.harwichtowncouncil.co.uk, www.walthamabbey-tc.gov.uk, www.suffolk.gov.uk, bankline.securebusiness.rbs.co.uk, www.leumiuk.com
Targets from prev attack(0):
Dismissed Targets(16): www.eelga.gov.uk, www.kent.gov.uk, www.wymetro.com, www.arun.gov.uk, www.askthe.police.uk, exeter.gov.uk, esavings.shawbrook.co.uk, britten-norman.com, www.scotland.police.uk, swcouncils.gov.uk, burnley.gov.uk, www.westsussex.gov.uk, www.travelsouthyorkshire.com, www.poferries.com, www.theaccessbankukltd.co.uk, www.blackburn.gov.uk

Detected attack on 2026-01-07_06-25-09

codabar@42de.it (Alfredo Terrone) — Wed, 07 Jan 2026 06:25:09 +0000

The attacks by noname057(16) primarily targeted websites in the United Kingdom. Key sectors affected include local government sites, transportation services, and banking institutions. Notable targets include regional council websites from South Yorkshire, Kent, Arun, and West Sussex, as well as transportation services like P&O Ferries and banking services such as Access Bank UK. The incidents highlight a concentrated effort against public sector and transportation-related entities within the UK.^{AI generated}
16 targets are under attack, 0 new targets and 16 targets from previous attack
New Targets(0):
Targets from prev attack(16): www.travelsouthyorkshire.com, www.kent.gov.uk, www.arun.gov.uk, www.poferries.com, www.theaccessbankukltd.co.uk, exeter.gov.uk, www.westsussex.gov.uk, burnley.gov.uk, britten-norman.com, esavings.shawbrook.co.uk, www.blackburn.gov.uk, www.askthe.police.uk, swcouncils.gov.uk, www.eelga.gov.uk, www.wymetro.com, www.scotland.police.uk
Dismissed Targets(1): politics.leics.gov.uk

Detected attack on 2026-01-06_12-20-08

codabar@42de.it (Alfredo Terrone) — Tue, 06 Jan 2026 12:20:08 +0000

Noname057(16) has targeted various websites primarily in the United Kingdom. The attacked sites include local government portals, transportation services, and police websites, indicating a focus on public services and infrastructure. Key regions affected include West Yorkshire, Exeter, Blackburn, West Sussex, Scotland, and Kent. The attacks highlight a significant threat to governmental and public service domains in the UK.^{AI generated}
17 targets are under attack, 1 new targets and 16 targets from previous attack
New Targets(1): www.poferries.com
Targets from prev attack(16): www.wymetro.com, exeter.gov.uk, esavings.shawbrook.co.uk, www.westsussex.gov.uk, www.blackburn.gov.uk, www.scotland.police.uk, www.travelsouthyorkshire.com, www.eelga.gov.uk, swcouncils.gov.uk, www.kent.gov.uk, britten-norman.com, politics.leics.gov.uk, www.arun.gov.uk, burnley.gov.uk, www.theaccessbankukltd.co.uk, www.askthe.police.uk
Dismissed Targets(0):

Detected attack on 2026-01-06_07-05-09

codabar@42de.it (Alfredo Terrone) — Tue, 06 Jan 2026 07:05:09 +0000

The sites attacked by noname057(16) primarily belong to various local government and public service entities in the United Kingdom. Key targets include websites from West Sussex, Exeter, Scotland, and Kent, among others. The attacks indicate a focus on regional councils and public transport services, highlighting the vulnerability of local governmental infrastructure in the UK.^{AI generated}
16 targets are under attack, 16 new targets and 0 targets from previous attack
New Targets(16): www.westsussex.gov.uk, swcouncils.gov.uk, exeter.gov.uk, politics.leics.gov.uk, www.theaccessbankukltd.co.uk, www.scotland.police.uk, www.arun.gov.uk, burnley.gov.uk, www.wymetro.com, www.kent.gov.uk, esavings.shawbrook.co.uk, www.askthe.police.uk, www.eelga.gov.uk, www.blackburn.gov.uk, britten-norman.com, www.travelsouthyorkshire.com
Targets from prev attack(0):
Dismissed Targets(16): www.dudley.gov.uk, www.southtyneside.info, www.bcpcouncil.gov.uk, www.dacorum.gov.uk, www.mossley-council.co.uk, www.hertfordshire.gov.uk, www.portsmouth.gov.uk, www.bristol.gov.uk, www.cardiff.gov.uk, www.hastings.gov.uk, www.keighley.gov.uk, oneonline.bradford.gov.uk, youraccount.salford.gov.uk, www.tameside.gov.uk, www.bury.gov.uk, www.salford.gov.uk

Detected attack on 2026-01-06_06-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 06 Jan 2026 06:10:08 +0000

The attacks by noname057 primarily targeted local government websites in the United Kingdom. Key affected areas include Salford, Cardiff, Bristol, Hertfordshire, Dudley, Hastings, Keighley, Dacorum, Portsmouth, Bradford, Bury, Mossley, Tameside, and Bournemouth, Christchurch, and Poole Council.^{AI generated}
16 targets are under attack, 0 new targets and 16 targets from previous attack
New Targets(0):
Targets from prev attack(16): youraccount.salford.gov.uk, www.cardiff.gov.uk, www.bristol.gov.uk, www.hertfordshire.gov.uk, www.dudley.gov.uk, www.hastings.gov.uk, www.keighley.gov.uk, www.dacorum.gov.uk, www.portsmouth.gov.uk, oneonline.bradford.gov.uk, www.bury.gov.uk, www.mossley-council.co.uk, www.tameside.gov.uk, www.salford.gov.uk, www.bcpcouncil.gov.uk, www.southtyneside.info
Dismissed Targets(1): www.liverpool.gov.uk

Detected attack on 2026-01-05_09-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 05 Jan 2026 09:10:08 +0000

Noname057(16) has targeted various UK local government websites, indicating a focus on the United Kingdom as the principal country under attack. The affected sites include councils from cities such as Hastings, Salford, Dacorum, South Tyneside, BCP, Bristol, Tameside, Bradford, Keighley, Hertfordshire, Portsmouth, Dudley, Cardiff, Liverpool, and Bury.^{AI generated}
17 targets are under attack, 0 new targets and 17 targets from previous attack
New Targets(0):
Targets from prev attack(17): www.hastings.gov.uk, www.salford.gov.uk, www.dacorum.gov.uk, youraccount.salford.gov.uk, www.southtyneside.info, www.bcpcouncil.gov.uk, www.mossley-council.co.uk, www.bristol.gov.uk, www.tameside.gov.uk, oneonline.bradford.gov.uk, www.keighley.gov.uk, www.hertfordshire.gov.uk, www.portsmouth.gov.uk, www.dudley.gov.uk, www.cardiff.gov.uk, www.liverpool.gov.uk, www.bury.gov.uk
Dismissed Targets(17): www.kreis-hz.de, www.bode-holtemme.de, www.mdv-verbundgebiet.de, stiftung-moritzburg.de, www.nowycasnik.de, www.naumburg.de, www.aschersleben.de, www.tangermuende.de, www.saalekreis.de, www.tangerhuette.de, www.wanzleben-boerde.de, www.haldensleben.de, anmeldung.mdv-verbundgebiet.de, www.oscherslebenbode.de, www.cdu.de, www.spd.de, www.magdeburg.de

Detected attack on 2026-01-05_07-05-10

codabar@42de.it (Alfredo Terrone) — Mon, 05 Jan 2026 07:05:10 +0000

The attacks attributed to noname057 primarily target websites in Germany and the United Kingdom. Key countries under attack include Germany, with numerous local government and organizational sites compromised, and the UK, featuring various municipal and governmental websites. The attacks highlight a focus on local governance and public services in these regions.^{AI generated}
34 targets are under attack, 17 new targets and 17 targets from previous attack
New Targets(17): www.cardiff.gov.uk, www.dudley.gov.uk, www.keighley.gov.uk, www.portsmouth.gov.uk, www.bristol.gov.uk, www.liverpool.gov.uk, www.tameside.gov.uk, www.bury.gov.uk, youraccount.salford.gov.uk, www.hertfordshire.gov.uk, www.hastings.gov.uk, www.mossley-council.co.uk, www.southtyneside.info, oneonline.bradford.gov.uk, www.bcpcouncil.gov.uk, www.dacorum.gov.uk, www.salford.gov.uk
Targets from prev attack(17): www.mdv-verbundgebiet.de, www.magdeburg.de, www.cdu.de, www.bode-holtemme.de, www.tangermuende.de, www.kreis-hz.de, stiftung-moritzburg.de, www.saalekreis.de, www.oscherslebenbode.de, www.nowycasnik.de, anmeldung.mdv-verbundgebiet.de, www.tangerhuette.de, www.spd.de, www.naumburg.de, www.wanzleben-boerde.de, www.aschersleben.de, www.haldensleben.de
Dismissed Targets(0):

Detected attack on 2026-01-04_09-05-07

codabar@42de.it (Alfredo Terrone) — Sun, 04 Jan 2026 09:05:07 +0000

The attacks by the group noname057(16) primarily targeted websites in Germany. Key sites affected include various municipal and political websites, such as stiftung-moritzburg.de, haldensleben.de, and spd.de. The attacks spanned across different regions, impacting local government and political party websites, indicating a focus on German institutions and organizations.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): stiftung-moritzburg.de, www.wanzleben-boerde.de, www.haldensleben.de, www.oscherslebenbode.de, www.kreis-hz.de, anmeldung.mdv-verbundgebiet.de, www.spd.de, www.saalekreis.de, www.cdu.de, www.tangermuende.de, www.magdeburg.de, www.bode-holtemme.de, www.nowycasnik.de, www.mdv-verbundgebiet.de, www.tangerhuette.de, www.naumburg.de, www.aschersleben.de
Targets from prev attack(0):
Dismissed Targets(17): reiner-haseloff.de, start-ni-mitte.de, www.sbahn-hannover.de, ludwigshafen.de, bayvebe.bayern.de, www.erfurt.de, www.krone-trailer.com, www.tender24.de, www.wanzleben.de, www.kreis-oh.de, www.l.de, www.dortmund.de, www.vg-arendsee-kalbe.de, haustechniker24h.de, frontend-api.sbahn-hannover.de, www.anhalt-bitterfeld.de, www.koethen-anhalt.de

Detected attack on 2026-01-03_09-05-08

codabar@42de.it (Alfredo Terrone) — Sat, 03 Jan 2026 09:05:08 +0000

The attacks by noname057 primarily targeted websites in Germany. The affected sites include various municipal and regional government portals, as well as service-related websites. Key cities under attack include Erfurt, Dortmund, Ludwigshafen, and Wanzleben, among others. The attacks seem to focus on local government and transportation services, indicating a potential interest in disrupting public services or gathering sensitive information.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.erfurt.de, www.wanzleben.de, reiner-haseloff.de, start-ni-mitte.de, frontend-api.sbahn-hannover.de, www.vg-arendsee-kalbe.de, www.dortmund.de, ludwigshafen.de, bayvebe.bayern.de, www.koethen-anhalt.de, www.tender24.de, www.sbahn-hannover.de, www.l.de, www.anhalt-bitterfeld.de, www.kreis-oh.de, haustechniker24h.de, www.krone-trailer.com
Targets from prev attack(0):
Dismissed Targets(14): www.mauritius-elisabeth.de, www.gruene-fraktion-sachsen-anhalt.de, www.afd.de, halle.de, www.schoenebeck.de, www.wittenberg.de, www.marktkirche-halle.de, www.serbske-nowiny.de, www.nemetschek.com, www.merseburger-dom.de, spd-lsa.de, www.landkreis-wittenberg.de, www.landkreis-stendal.de, www.naumburger-dom.de

Detected attack on 2026-01-02_21-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 02 Jan 2026 21:05:08 +0000

The attacks by noname057(16) primarily targeted websites in Germany, including local government sites and political organizations. Key locations under attack include regions such as Sachsen-Anhalt and cities like Halle and Wittenberg. Other notable targets include cultural and historical sites, indicating a focus on both administrative and community-oriented platforms.^{AI generated}
14 targets are under attack, 0 new targets and 14 targets from previous attack
New Targets(0):
Targets from prev attack(14): www.mauritius-elisabeth.de, www.nemetschek.com, www.merseburger-dom.de, www.gruene-fraktion-sachsen-anhalt.de, www.landkreis-stendal.de, www.wittenberg.de, spd-lsa.de, www.naumburger-dom.de, halle.de, www.afd.de, www.schoenebeck.de, www.landkreis-wittenberg.de, www.serbske-nowiny.de, www.marktkirche-halle.de
Dismissed Targets(10): anmeldung.mdv-verbundgebiet.de, www.nowycasnik.de, www.wanzleben-boerde.de, www.mdv-verbundgebiet.de, www.naumburg.de, www.oscherslebenbode.de, www.cdu.de, www.saalekreis.de, www.aschersleben.de, www.spd.de

Detected attack on 2026-01-02_21-00-15

codabar@42de.it (Alfredo Terrone) — Fri, 02 Jan 2026 21:00:15 +0000

The attacks by noname057 primarily targeted websites in Germany, with a focus on local government and political party sites. Key cities under attack include Naumburg, Wittenberg, and Halle, along with various regional and municipal sites across the country. The attacks also affected organizations related to political parties such as the CDU and SPD, indicating a potential interest in disrupting political discourse.^{AI generated}
24 targets are under attack, 0 new targets and 24 targets from previous attack
New Targets(0):
Targets from prev attack(24): www.mauritius-elisabeth.de, www.mdv-verbundgebiet.de, www.naumburg.de, www.wittenberg.de, www.serbske-nowiny.de, www.wanzleben-boerde.de, www.landkreis-stendal.de, www.afd.de, www.nemetschek.com, www.schoenebeck.de, www.saalekreis.de, www.nowycasnik.de, www.landkreis-wittenberg.de, www.aschersleben.de, www.oscherslebenbode.de, anmeldung.mdv-verbundgebiet.de, www.marktkirche-halle.de, www.gruene-fraktion-sachsen-anhalt.de, halle.de, www.cdu.de, www.naumburger-dom.de, www.spd.de, spd-lsa.de, www.merseburger-dom.de
Dismissed Targets(5): www.tangermuende.de, www.haldensleben.de, www.kreis-hz.de, www.tangerhuette.de, stiftung-moritzburg.de

Detected attack on 2026-01-02_09-05-10

codabar@42de.it (Alfredo Terrone) — Fri, 02 Jan 2026 09:05:10 +0000

The attacks attributed to noname057 primarily target websites in Germany. The affected sites include various local government and political party websites, such as the CDU, AfD, and SPD, as well as regional news outlets and cultural institutions. This indicates a focused campaign against German entities, highlighting potential political motivations behind the attacks.^{AI generated}
29 targets are under attack, 29 new targets and 0 targets from previous attack
New Targets(29): www.cdu.de, www.aschersleben.de, anmeldung.mdv-verbundgebiet.de, www.naumburg.de, www.afd.de, www.serbske-nowiny.de, www.spd.de, www.landkreis-wittenberg.de, www.haldensleben.de, www.landkreis-stendal.de, www.schoenebeck.de, www.mauritius-elisabeth.de, www.saalekreis.de, www.kreis-hz.de, www.wanzleben-boerde.de, www.tangermuende.de, www.gruene-fraktion-sachsen-anhalt.de, stiftung-moritzburg.de, www.nemetschek.com, www.nowycasnik.de, www.marktkirche-halle.de, www.naumburger-dom.de, halle.de, www.tangerhuette.de, www.mdv-verbundgebiet.de, www.merseburger-dom.de, spd-lsa.de, www.oscherslebenbode.de, www.wittenberg.de
Targets from prev attack(0):
Dismissed Targets(20): formularserver.bayern.de, www.nuernberg.de, www.anhalt-bitterfeld.de, www.kiel.de, www.ditfurt.de, www.bielefeld.de, www.ballenstedt.de, www.koethen-anhalt.de, www.breisgau-hochschwarzwald.de, www.freiburg.de, www.nordfriesland.de, www.halberstadt.de, www.harzgerode.de, www.bode-holtemme.de, www.kreis-oh.de, ludwigshafen.de, www.oberallgaeu.org, www.wanzleben.de, www.darmstadt.de, www.magdeburg.de

Detected attack on 2026-01-01_09-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 01 Jan 2026 09:05:08 +0000

The attacks attributed to noname057 primarily target websites in Germany. Key regions affected include cities such as Ludwigshafen, Darmstadt, Kiel, and Freiburg, among others. The attacks have impacted various local government and administrative sites across the country.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.bode-holtemme.de, ludwigshafen.de, www.breisgau-hochschwarzwald.de, formularserver.bayern.de, www.nordfriesland.de, www.kreis-oh.de, www.koethen-anhalt.de, www.oberallgaeu.org, www.darmstadt.de, www.harzgerode.de, www.ballenstedt.de, www.magdeburg.de, www.kiel.de, www.nuernberg.de, www.anhalt-bitterfeld.de, www.halberstadt.de, www.wanzleben.de, www.freiburg.de, www.ditfurt.de, www.bielefeld.de
Targets from prev attack(0):
Dismissed Targets(18): www.koblenz.de, shop.sternundkreis.de, www.zwickau.de, www.landtag.sachsen-anhalt.de, reiner-haseloff.de, dtvp.de, www.lfst.bayern.de, www.tender24.de, www.boerse-berlin.de, www.bkms-system.net, www.kaiserslautern.de, www.stmfh.bayern.de, www.gladbeck.de, www.dortmund.de, www.bundesarbeitsgericht.de, www.vg-arendsee-kalbe.de, www.trier.de, bayvebe.bayern.de

Detected attack on 2025-12-31_09-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 31 Dec 2025 09:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in Germany. Notable cities affected include Halle (Sachsen-Anhalt), Kaiserslautern, Zwickau, and Dortmund. The attacks also impacted various regional and governmental sites, indicating a focus on local and federal institutions across the country.^{AI generated}
18 targets are under attack, 18 new targets and 0 targets from previous attack
New Targets(18): www.landtag.sachsen-anhalt.de, www.kaiserslautern.de, www.zwickau.de, www.lfst.bayern.de, reiner-haseloff.de, bayvebe.bayern.de, www.bundesarbeitsgericht.de, shop.sternundkreis.de, www.dortmund.de, dtvp.de, www.gladbeck.de, www.vg-arendsee-kalbe.de, www.bkms-system.net, www.boerse-berlin.de, www.koblenz.de, www.tender24.de, www.stmfh.bayern.de, www.trier.de
Targets from prev attack(0):
Dismissed Targets(18): www.bwegt.de, mietwagen.check24.de, www.goodnews4.de, www.baden-baden.com, www.stadtwerke-baden-baden.de, badenbikerental.com, haustechniker24h.de, www.bahnhof.de, finanzamt-bw.fv-bwl.de, www.fred-huck.de, fahrplan-bus-bahn.de, www.kvv-nextbike.de, www.badenbadenevents.de, www.steuergo.de, www.festspielhaus.de, www.ohne-makler.net, www.avionio.com, www.baden-airpark.de

Detected attack on 2025-12-31_07-15-08

codabar@42de.it (Alfredo Terrone) — Wed, 31 Dec 2025 07:15:08 +0000

The attacks attributed to noname057 primarily targeted websites in Germany, specifically in the Baden-Baden region. Key sectors affected include tourism, transportation, and local services, with various sites related to bike rentals, events, public transport, and municipal services being compromised.^{AI generated}
18 targets are under attack, 0 new targets and 18 targets from previous attack
New Targets(0):
Targets from prev attack(18): badenbikerental.com, www.badenbadenevents.de, haustechniker24h.de, www.bahnhof.de, fahrplan-bus-bahn.de, www.stadtwerke-baden-baden.de, mietwagen.check24.de, www.steuergo.de, www.kvv-nextbike.de, www.goodnews4.de, www.bwegt.de, www.fred-huck.de, www.baden-baden.com, finanzamt-bw.fv-bwl.de, www.baden-airpark.de, www.avionio.com, www.festspielhaus.de, www.ohne-makler.net
Dismissed Targets(10): komsamovr.rada.gov.ua, kompek.rada.gov.ua, komnbor.rada.gov.ua, www.rewe.de, hausmeisterservice-baden.de, kompravlud.rada.gov.ua, komtrans.rada.gov.ua, komfinbank.rada.gov.ua, kompravpol.rada.gov.ua, komzakonpr.rada.gov.ua

Detected attack on 2025-12-30_11-19-28

codabar@42de.it (Alfredo Terrone) — Tue, 30 Dec 2025 11:19:28 +0000

The attacks by noname057(16) primarily targeted websites in Germany and Ukraine. Key sectors affected include transportation, finance, and local services. Notable sites include various regional transportation services in Germany, such as baden-airpark.de and kvv-nextbike.de, as well as multiple government and legal sites in Ukraine, like komnbor.rada.gov.ua and komzakonpr.rada.gov.ua.^{AI generated}
28 targets are under attack, 28 new targets and 0 targets from previous attack
New Targets(28): mietwagen.check24.de, www.steuergo.de, www.ohne-makler.net, komnbor.rada.gov.ua, www.baden-airpark.de, komzakonpr.rada.gov.ua, finanzamt-bw.fv-bwl.de, badenbikerental.com, kompravlud.rada.gov.ua, www.avionio.com, www.rewe.de, www.kvv-nextbike.de, komfinbank.rada.gov.ua, kompravpol.rada.gov.ua, haustechniker24h.de, www.goodnews4.de, www.baden-baden.com, www.fred-huck.de, fahrplan-bus-bahn.de, www.bwegt.de, hausmeisterservice-baden.de, www.stadtwerke-baden-baden.de, www.festspielhaus.de, www.bahnhof.de, kompek.rada.gov.ua, komtrans.rada.gov.ua, www.badenbadenevents.de, komsamovr.rada.gov.ua
Targets from prev attack(0):
Dismissed Targets(21): www.evergabe-online.de, www.finanzamt-bad-kissingen.de, www.finanzamt-lohr.de, www.sbahn-hannover.de, start-ni-mitte.de, www.deutz-fahr.com, www.ingolstadt.de, www.l.de, www.finanzamt-aschaffenburg.de, www.erfurt.de, portal.onlinewache.polizei.de, www.finanzamt-zeil.de, www.finanzamt-schweinfurt.de, www.krone-trailer.com, www.finanzamt-obernburg.de, www.rostock.de, www.finanzamt-bad-neustadt.de, frontend-api.sbahn-hannover.de, www.finanzamt-wuerzburg.de, www.finanzamt-kitzingen.de, www.kreis-oh.de

Detected attack on 2025-12-29_09-10-08

codabar@42de.it (Alfredo Terrone) — Mon, 29 Dec 2025 09:10:08 +0000

Noname057(16) has targeted various websites primarily in Germany, focusing on government and transportation sectors. The attacked sites include several local tax offices (Finanzamt) and public transport services, indicating a concentrated effort against German infrastructure. Other affected entities include regional municipalities and a trailer company, reflecting a diverse range of sectors under attack.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.finanzamt-aschaffenburg.de, www.krone-trailer.com, www.finanzamt-wuerzburg.de, www.sbahn-hannover.de, www.finanzamt-bad-neustadt.de, www.ingolstadt.de, www.l.de, www.finanzamt-lohr.de, www.deutz-fahr.com, frontend-api.sbahn-hannover.de, www.finanzamt-obernburg.de, www.kreis-oh.de, www.finanzamt-kitzingen.de, www.rostock.de, www.finanzamt-bad-kissingen.de, www.finanzamt-zeil.de, www.finanzamt-schweinfurt.de, www.evergabe-online.de, portal.onlinewache.polizei.de, www.erfurt.de, start-ni-mitte.de
Targets from prev attack(0):
Dismissed Targets(11): www.hel.fi, www.expressbus.fi, www.escarmat.com, alfenelkamo.fi, smile2.likeit.fi, energia.fi, securemail.millog.fi, auth.aktia.fi, extidpevaluointi.traficom.fi, www.kaukokiito.fi, www.finnet.com.tr

Detected attack on 2025-12-28_07-05-08

codabar@42de.it (Alfredo Terrone) — Sun, 28 Dec 2025 07:05:08 +0000

Noname057(16) has targeted various websites primarily in Finland, including banking and transportation services. Key sites attacked include Aktia's authentication portal, municipal services in Helsinki, and several transportation-related platforms. Additionally, the group has also targeted a Turkish telecommunications site, indicating a broader regional interest in cybersecurity vulnerabilities.^{AI generated}
11 targets are under attack, 11 new targets and 0 targets from previous attack
New Targets(11): auth.aktia.fi, extidpevaluointi.traficom.fi, smile2.likeit.fi, www.escarmat.com, alfenelkamo.fi, www.kaukokiito.fi, www.finnet.com.tr, www.hel.fi, www.expressbus.fi, securemail.millog.fi, energia.fi
Targets from prev attack(0):
Dismissed Targets(11): www.ambetsverket.ax, elisa.com, www.lahitaksi.fi, webmail.elisa.fi, gasgrid.fi, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, elisa.fi, verkkoasiointi.elisa.fi, login.id.elisa.fi, datasafe.fi, tunnistus.elisa.fi

Detected attack on 2025-12-27_07-50-08

codabar@42de.it (Alfredo Terrone) — Sat, 27 Dec 2025 07:50:08 +0000

Noname057(16) has targeted various websites primarily in Finland, including major service providers like Elisa and government-related platforms. The attacks affected sites such as login portals and webmail services, indicating a focus on accessing personal and sensitive information.^{AI generated}
11 targets are under attack, 11 new targets and 0 targets from previous attack
New Targets(11): login-euva-saasfaprod1.fa.ocs.oraclecloud.com, www.lahitaksi.fi, gasgrid.fi, tunnistus.elisa.fi, login.id.elisa.fi, elisa.com, elisa.fi, webmail.elisa.fi, www.ambetsverket.ax, verkkoasiointi.elisa.fi, datasafe.fi
Targets from prev attack(0):
Dismissed Targets(26): eraluvat.metsa.fi, algoltechnics.fi, azocm.postavschiki.ua, www.arcteq.com, uutiskirje.metsa.fi, www.btbtransformers.com, dvmash.biz, www.stormossen.fi, julkaisut.metsa.fi, www.planeetta.fi, metsatalous.metsa.fi, efc.fi, www.aktia.fi, eservice.stormossen.fi, www.fintraffic.fi, www.azot.com.ua, lansys.com.ua, amstor.com, www.dss-ua.com, www.deltawilmar.com, www.niko.ua, nortech.fi, foxtrotgroup.com.ua, www.energiequelle.fi, www.altis.ua, www.metsa.fi

Detected attack on 2025-12-27_06-05-28

codabar@42de.it (Alfredo Terrone) — Sat, 27 Dec 2025 06:05:28 +0000

The attacks attributed to noname057 primarily target websites in Finland and Ukraine. Key sectors affected include forestry, finance, energy, and manufacturing. Notable organizations attacked include Metsä Group, Aktia, and various Ukrainian companies, indicating a focus on critical infrastructure and industry in these countries.^{AI generated}
26 targets are under attack, 0 new targets and 26 targets from previous attack
New Targets(0):
Targets from prev attack(26): www.stormossen.fi, uutiskirje.metsa.fi, www.metsa.fi, www.aktia.fi, www.arcteq.com, lansys.com.ua, www.btbtransformers.com, foxtrotgroup.com.ua, www.altis.ua, amstor.com, www.planeetta.fi, dvmash.biz, nortech.fi, eraluvat.metsa.fi, www.fintraffic.fi, eservice.stormossen.fi, algoltechnics.fi, www.niko.ua, metsatalous.metsa.fi, www.dss-ua.com, azocm.postavschiki.ua, www.azot.com.ua, www.energiequelle.fi, www.deltawilmar.com, efc.fi, julkaisut.metsa.fi
Dismissed Targets(1): www.vaasa.fi

Detected attack on 2025-12-26_15-55-10

codabar@42de.it (Alfredo Terrone) — Fri, 26 Dec 2025 15:55:10 +0000

The attacks attributed to noname057(16) primarily target websites in Finland and Ukraine. Key sectors affected include energy, forestry, and technology, with notable entities like Delta Wilmar, Energiequelle, and various Ukrainian companies such as Niko and Foxtrot Group facing disruptions. The attacks highlight a focus on critical infrastructure and commercial operations in these countries.^{AI generated}
27 targets are under attack, 0 new targets and 27 targets from previous attack
New Targets(0):
Targets from prev attack(27): www.deltawilmar.com, www.energiequelle.fi, julkaisut.metsa.fi, eraluvat.metsa.fi, www.niko.ua, azocm.postavschiki.ua, www.metsa.fi, eservice.stormossen.fi, www.arcteq.com, foxtrotgroup.com.ua, dvmash.biz, www.fintraffic.fi, www.azot.com.ua, efc.fi, www.stormossen.fi, metsatalous.metsa.fi, www.btbtransformers.com, algoltechnics.fi, nortech.fi, www.dss-ua.com, lansys.com.ua, www.altis.ua, www.vaasa.fi, uutiskirje.metsa.fi, www.aktia.fi, www.planeetta.fi, amstor.com
Dismissed Targets(1): auth.aktia.fi

Detected attack on 2025-12-26_15-50-11

codabar@42de.it (Alfredo Terrone) — Fri, 26 Dec 2025 15:50:11 +0000

The attacks by noname057(16) have primarily targeted websites in Finland and Ukraine. Key Finnish sites include government and energy-related domains such as fintraffic.fi, energiequelle.fi, and aktia.fi. In Ukraine, various sectors are affected, with notable targets including dss-ua.com, amstor.com, and foxtrotgroup.com.ua. The attacks indicate a focus on critical infrastructure and commercial entities in these countries.^{AI generated}
28 targets are under attack, 0 new targets and 28 targets from previous attack
New Targets(0):
Targets from prev attack(28): www.fintraffic.fi, www.deltawilmar.com, www.energiequelle.fi, julkaisut.metsa.fi, www.niko.ua, lansys.com.ua, www.dss-ua.com, efc.fi, amstor.com, www.arcteq.com, nortech.fi, www.planeetta.fi, eservice.stormossen.fi, www.azot.com.ua, dvmash.biz, www.vaasa.fi, algoltechnics.fi, www.stormossen.fi, www.btbtransformers.com, uutiskirje.metsa.fi, www.altis.ua, www.metsa.fi, metsatalous.metsa.fi, foxtrotgroup.com.ua, eraluvat.metsa.fi, azocm.postavschiki.ua, auth.aktia.fi, www.aktia.fi
Dismissed Targets(1): www.hel.fi

Detected attack on 2025-12-26_11-50-09

codabar@42de.it (Alfredo Terrone) — Fri, 26 Dec 2025 11:50:09 +0000

The attacks attributed to noname057(16) primarily target websites in Finland and Ukraine. Key sectors affected include government services, environmental organizations, and various companies in the technology and finance industries. The attacks highlight a focus on critical infrastructure and public services in these regions.^{AI generated}
29 targets are under attack, 29 new targets and 0 targets from previous attack
New Targets(29): www.hel.fi, julkaisut.metsa.fi, amstor.com, www.energiequelle.fi, www.vaasa.fi, nortech.fi, www.planeetta.fi, www.dss-ua.com, eraluvat.metsa.fi, foxtrotgroup.com.ua, www.stormossen.fi, www.fintraffic.fi, azocm.postavschiki.ua, lansys.com.ua, uutiskirje.metsa.fi, www.btbtransformers.com, www.metsa.fi, algoltechnics.fi, www.arcteq.com, www.niko.ua, dvmash.biz, efc.fi, www.aktia.fi, www.deltawilmar.com, www.azot.com.ua, www.altis.ua, metsatalous.metsa.fi, auth.aktia.fi, eservice.stormossen.fi
Targets from prev attack(0):
Dismissed Targets(34): www.vero.fi, www.kyberturvallisuuskeskus.fi, www.vmr.gov.ua, www.moselle.gouv.fr, loga.gov.ua, www.expressbus.fi, www.vaestoliitto.fi, smr.gov.ua, www.kotka.fi, ek.fi, www.ely-keskus.fi, www.ville-dunkerque.fr, zp.gov.ua, www.nouvelle-caledonie.gouv.fr, www.portofturku.fi, kauppakamari.fi, www.suomenpankki.fi, www.rada-poltava.gov.ua, mariupolrada.gov.ua, www.seine-maritime.gouv.fr, migri.fi, www.porvoo.fi, www.autotuojat.fi, karelialines.fi, extidpevaluointi.traficom.fi, www.sarthe.gouv.fr, www.bouches-du-rhone.gouv.fr, finland.fi, www.loire-atlantique.fr, enterfinland.fi, vm.fi, www.infofinland.fi, www.departement13.fr, www.angers.fr

Detected attack on 2025-12-25_14-38-43

codabar@42de.it (Alfredo Terrone) — Thu, 25 Dec 2025 14:38:43 +0000

The attacks by noname057 primarily targeted websites from Ukraine, Finland, and France. Notable Ukrainian sites include various government and regional portals, while Finnish targets encompass government institutions and services. French websites attacked include regional government sites and local administrations.^{AI generated}
34 targets are under attack, 34 new targets and 0 targets from previous attack
New Targets(34): zp.gov.ua, www.moselle.gouv.fr, www.seine-maritime.gouv.fr, migri.fi, ek.fi, www.autotuojat.fi, www.suomenpankki.fi, vm.fi, www.departement13.fr, www.kyberturvallisuuskeskus.fi, finland.fi, www.vero.fi, www.rada-poltava.gov.ua, www.portofturku.fi, www.infofinland.fi, www.expressbus.fi, extidpevaluointi.traficom.fi, loga.gov.ua, www.angers.fr, www.sarthe.gouv.fr, enterfinland.fi, kauppakamari.fi, www.vmr.gov.ua, www.porvoo.fi, mariupolrada.gov.ua, www.ville-dunkerque.fr, www.nouvelle-caledonie.gouv.fr, smr.gov.ua, www.vaestoliitto.fi, www.kotka.fi, karelialines.fi, www.ely-keskus.fi, www.loire-atlantique.fr, www.bouches-du-rhone.gouv.fr
Targets from prev attack(0):
Dismissed Targets(44): aesgroup.com.ua, thingsboard.labchatou.edf.fr, www.insta.fi, tahiti-aeroports.com, www.yritystele.fi, login.id.elisa.fi, www.getlinkgroup.com, projets-transports.nicecotedazur.org, www.epv.fi, securemail.millog.fi, websso-gardian.myelectricnetwork.com, www.escarmat.com, logset.fi, jalerte.arcep.fr, elisa.com, keramet.com.ua, www.krruda.dp.ua, tunnistus.elisa.fi, elisa.fi, millog.fi, www.palmet.fi, auth.entreprises-collectivites.edf.fr, www.tor.gov.ua, alfenelkamo.fi, www.securite-routiere.gouv.fr, paiement-multicanal-api.ca.gouv.fr, www.finvacon.com, www.fidelix.com, www.kvsz.com, www.prh.fi, webmail.elisa.fi, ampner.com, lemtrans.com.ua, rec-websso-gardian.myelectricnetwork.com, lidentitenumerique.laposte.fr, www.etha-consultancy.com, www.ferrexpo.ua, api.tam.cityway.fr, www.fintos.fi, erc.ua, www.metro-rennes-metropole.fr, tramway.angersloiremetropole.fr, verkkoasiointi.elisa.fi, www.tam-voyages.com

Detected attack on 2025-12-24_11-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 24 Dec 2025 11:10:09 +0000

The attacks attributed to noname057 primarily target websites in Finland, Ukraine, and France. Key sectors affected include telecommunications, transport, and energy. Notable organizations targeted include Elisa in Finland, various Ukrainian companies, and French governmental services. The attacks reflect a diverse range of interests, impacting both public and private entities across these countries.^{AI generated}
44 targets are under attack, 8 new targets and 36 targets from previous attack
New Targets(8): erc.ua, aesgroup.com.ua, www.kvsz.com, lemtrans.com.ua, www.krruda.dp.ua, www.ferrexpo.ua, www.tor.gov.ua, keramet.com.ua
Targets from prev attack(36): www.palmet.fi, webmail.elisa.fi, login.id.elisa.fi, rec-websso-gardian.myelectricnetwork.com, websso-gardian.myelectricnetwork.com, jalerte.arcep.fr, logset.fi, www.getlinkgroup.com, www.metro-rennes-metropole.fr, www.epv.fi, www.fidelix.com, thingsboard.labchatou.edf.fr, www.tam-voyages.com, www.escarmat.com, paiement-multicanal-api.ca.gouv.fr, ampner.com, www.insta.fi, millog.fi, verkkoasiointi.elisa.fi, www.etha-consultancy.com, elisa.fi, www.securite-routiere.gouv.fr, projets-transports.nicecotedazur.org, securemail.millog.fi, alfenelkamo.fi, www.fintos.fi, tramway.angersloiremetropole.fr, www.prh.fi, api.tam.cityway.fr, lidentitenumerique.laposte.fr, auth.entreprises-collectivites.edf.fr, elisa.com, tunnistus.elisa.fi, tahiti-aeroports.com, www.finvacon.com, www.yritystele.fi
Dismissed Targets(0):

Detected attack on 2025-12-24_10-05-11

codabar@42de.it (Alfredo Terrone) — Wed, 24 Dec 2025 10:05:11 +0000

The attacks attributed to noname057 primarily target organizations in Finland and France. Key sectors affected include telecommunications, transportation, and public services, with notable incidents involving websites like securemail.millog.fi, elisa.com, and various municipal transport sites in France. The campaign highlights vulnerabilities in both private and public sector infrastructures across these countries.^{AI generated}
36 targets are under attack, 15 new targets and 21 targets from previous attack
New Targets(15): tramway.angersloiremetropole.fr, paiement-multicanal-api.ca.gouv.fr, rec-websso-gardian.myelectricnetwork.com, www.getlinkgroup.com, projets-transports.nicecotedazur.org, tahiti-aeroports.com, thingsboard.labchatou.edf.fr, api.tam.cityway.fr, websso-gardian.myelectricnetwork.com, www.securite-routiere.gouv.fr, www.metro-rennes-metropole.fr, www.tam-voyages.com, auth.entreprises-collectivites.edf.fr, lidentitenumerique.laposte.fr, jalerte.arcep.fr
Targets from prev attack(21): securemail.millog.fi, www.yritystele.fi, www.finvacon.com, ampner.com, login.id.elisa.fi, www.palmet.fi, logset.fi, millog.fi, elisa.com, www.fidelix.com, verkkoasiointi.elisa.fi, www.epv.fi, www.fintos.fi, www.insta.fi, www.escarmat.com, tunnistus.elisa.fi, alfenelkamo.fi, www.prh.fi, www.etha-consultancy.com, elisa.fi, webmail.elisa.fi
Dismissed Targets(0):

Detected attack on 2025-12-24_07-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 24 Dec 2025 07:10:09 +0000

Noname057(16) has targeted various websites primarily in Finland. The attacked sites include those associated with telecommunications, consulting, and government services, indicating a focus on critical infrastructure and corporate entities within the country. Notable domains include elisa.fi, prh.fi, and millog.fi, highlighting the group's interest in both private and public sector organizations in Finland.^{AI generated}
21 targets are under attack, 8 new targets and 13 targets from previous attack
New Targets(8): logset.fi, www.etha-consultancy.com, www.epv.fi, www.fintos.fi, www.escarmat.com, www.palmet.fi, www.fidelix.com, www.finvacon.com
Targets from prev attack(13): www.prh.fi, elisa.fi, ampner.com, securemail.millog.fi, millog.fi, login.id.elisa.fi, webmail.elisa.fi, alfenelkamo.fi, www.insta.fi, www.yritystele.fi, verkkoasiointi.elisa.fi, tunnistus.elisa.fi, elisa.com
Dismissed Targets(33): paiement-multicanal-api.ca.gouv.fr, opas.matka.fi, www.traficom.fi, lidentitenumerique.laposte.fr, www.kela.fi, www.airpro.fi, api.tam.cityway.fr, jalerte.arcep.fr, en.tallink.com, datasafe.fi, websso-gardian.myelectricnetwork.com, katso.azurewebsites.net, tahiti-aeroports.com, thingsboard.labchatou.edf.fr, www.tam-voyages.com, login.if-insurance.com, rec-websso-gardian.myelectricnetwork.com, www.korrek.fi, www.getlinkgroup.com, ouluport.com, www.lahitaksi.fi, tramway.angersloiremetropole.fr, www.localnet.fi, auth.entreprises-collectivites.edf.fr, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, projets-transports.nicecotedazur.org, www.if.fi, www.securite-routiere.gouv.fr, gasgrid.fi, www.pohjolanvoima.fi, www.lahitapiola.fi, www.metro-rennes-metropole.fr, www.arcep.fr

Detected attack on 2025-12-24_07-05-28

codabar@42de.it (Alfredo Terrone) — Wed, 24 Dec 2025 07:05:28 +0000

The attacks attributed to noname057 primarily target websites in France and Finland. Notable sites include various governmental and transportation services in France, such as paiement-multicanal-api.ca.gouv.fr and www.traficom.fi, as well as Finnish entities like www.kela.fi and elisa.fi. The attacks appear to focus on sectors such as public services, transportation, and digital identity management.^{AI generated}
46 targets are under attack, 13 new targets and 33 targets from previous attack
New Targets(13): www.prh.fi, elisa.fi, ampner.com, securemail.millog.fi, millog.fi, login.id.elisa.fi, webmail.elisa.fi, alfenelkamo.fi, www.insta.fi, www.yritystele.fi, verkkoasiointi.elisa.fi, tunnistus.elisa.fi, elisa.com
Targets from prev attack(33): paiement-multicanal-api.ca.gouv.fr, opas.matka.fi, www.traficom.fi, lidentitenumerique.laposte.fr, www.kela.fi, www.airpro.fi, api.tam.cityway.fr, jalerte.arcep.fr, en.tallink.com, datasafe.fi, websso-gardian.myelectricnetwork.com, katso.azurewebsites.net, tahiti-aeroports.com, thingsboard.labchatou.edf.fr, www.tam-voyages.com, login.if-insurance.com, rec-websso-gardian.myelectricnetwork.com, www.korrek.fi, www.getlinkgroup.com, ouluport.com, www.localnet.fi, www.lahitaksi.fi, tramway.angersloiremetropole.fr, auth.entreprises-collectivites.edf.fr, projets-transports.nicecotedazur.org, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, www.if.fi, www.securite-routiere.gouv.fr, gasgrid.fi, www.pohjolanvoima.fi, www.lahitapiola.fi, www.metro-rennes-metropole.fr, www.arcep.fr
Dismissed Targets(0):

Detected attack on 2025-12-23_13-00-13

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 13:00:13 +0000

Noname057(16) has targeted various websites primarily in France and Finland. Key sectors under attack include transportation, insurance, and public services. The attacks have affected entities such as the French regulatory authority Arcep, Finnish insurance company If, and various airports and transport networks in both countries.^{AI generated}
33 targets are under attack, 1 new targets and 32 targets from previous attack
New Targets(1): jalerte.arcep.fr
Targets from prev attack(32): katso.azurewebsites.net, www.arcep.fr, www.lahitapiola.fi, www.getlinkgroup.com, www.pohjolanvoima.fi, api.tam.cityway.fr, rec-websso-gardian.myelectricnetwork.com, www.korrek.fi, www.if.fi, datasafe.fi, tahiti-aeroports.com, login.if-insurance.com, gasgrid.fi, www.localnet.fi, www.airpro.fi, www.traficom.fi, www.metro-rennes-metropole.fr, opas.matka.fi, www.kela.fi, tramway.angersloiremetropole.fr, www.tam-voyages.com, thingsboard.labchatou.edf.fr, websso-gardian.myelectricnetwork.com, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, www.lahitaksi.fi, www.securite-routiere.gouv.fr, paiement-multicanal-api.ca.gouv.fr, ouluport.com, projets-transports.nicecotedazur.org, auth.entreprises-collectivites.edf.fr, lidentitenumerique.laposte.fr, en.tallink.com
Dismissed Targets(0):

Detected attack on 2025-12-23_12-50-15

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 12:50:15 +0000

The attacks attributed to noname057 primarily target websites in Finland, France, and Canada. Key sectors affected include transportation, energy, and public services, with notable organizations such as Getlink Group, Gasgrid Finland, and various municipal services in France and Finland being compromised. The attacks indicate a focus on critical infrastructure and digital identity services, highlighting vulnerabilities in these regions.^{AI generated}
32 targets are under attack, 1 new targets and 31 targets from previous attack
New Targets(1): www.arcep.fr
Targets from prev attack(31): en.tallink.com, www.getlinkgroup.com, gasgrid.fi, www.korrek.fi, www.securite-routiere.gouv.fr, www.airpro.fi, www.kela.fi, www.tam-voyages.com, rec-websso-gardian.myelectricnetwork.com, ouluport.com, thingsboard.labchatou.edf.fr, datasafe.fi, paiement-multicanal-api.ca.gouv.fr, projets-transports.nicecotedazur.org, tahiti-aeroports.com, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, lidentitenumerique.laposte.fr, www.lahitaksi.fi, opas.matka.fi, katso.azurewebsites.net, tramway.angersloiremetropole.fr, api.tam.cityway.fr, www.if.fi, websso-gardian.myelectricnetwork.com, www.lahitapiola.fi, auth.entreprises-collectivites.edf.fr, www.metro-rennes-metropole.fr, login.if-insurance.com, www.pohjolanvoima.fi, www.traficom.fi, www.localnet.fi
Dismissed Targets(0):

Detected attack on 2025-12-23_11-10-13

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 11:10:13 +0000

The sites attacked by noname057(16) primarily involve organizations from Finland, France, and Canada. Key sectors affected include transportation, insurance, and public services. Finnish sites such as tam-voyages.com and localnet.fi indicate a focus on local infrastructure and services, while French sites like lidentitenumerique.laposte.fr and paiement-multicanal-api.ca.gouv.fr highlight attacks on digital identity and payment systems. The presence of Canadian sites signifies a broader impact across different regions.^{AI generated}
31 targets are under attack, 1 new targets and 30 targets from previous attack
New Targets(1): www.getlinkgroup.com
Targets from prev attack(30): www.tam-voyages.com, www.if.fi, projets-transports.nicecotedazur.org, www.localnet.fi, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, ouluport.com, www.pohjolanvoima.fi, www.airpro.fi, api.tam.cityway.fr, tramway.angersloiremetropole.fr, websso-gardian.myelectricnetwork.com, rec-websso-gardian.myelectricnetwork.com, en.tallink.com, www.lahitapiola.fi, lidentitenumerique.laposte.fr, login.if-insurance.com, datasafe.fi, www.metro-rennes-metropole.fr, paiement-multicanal-api.ca.gouv.fr, tahiti-aeroports.com, opas.matka.fi, www.kela.fi, www.korrek.fi, auth.entreprises-collectivites.edf.fr, www.securite-routiere.gouv.fr, www.lahitaksi.fi, katso.azurewebsites.net, gasgrid.fi, thingsboard.labchatou.edf.fr, www.traficom.fi
Dismissed Targets(0):

Detected attack on 2025-12-23_11-00-11

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 11:00:11 +0000

The attacks attributed to noname057 primarily targeted websites in Finland, France, and Canada. Key sectors affected include insurance, transportation, and public services, with notable incidents involving Finnish sites like localnet.fi and kela.fi, as well as French platforms such as projets-transports.nicecotedazur.org and auth.entreprises-collectivites.edf.fr.^{AI generated}
30 targets are under attack, 10 new targets and 20 targets from previous attack
New Targets(10): rec-websso-gardian.myelectricnetwork.com, auth.entreprises-collectivites.edf.fr, www.securite-routiere.gouv.fr, thingsboard.labchatou.edf.fr, projets-transports.nicecotedazur.org, websso-gardian.myelectricnetwork.com, api.tam.cityway.fr, tahiti-aeroports.com, lidentitenumerique.laposte.fr, paiement-multicanal-api.ca.gouv.fr
Targets from prev attack(20): www.if.fi, www.airpro.fi, login.if-insurance.com, www.lahitapiola.fi, www.korrek.fi, www.localnet.fi, www.kela.fi, www.tam-voyages.com, gasgrid.fi, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, en.tallink.com, katso.azurewebsites.net, opas.matka.fi, www.metro-rennes-metropole.fr, ouluport.com, tramway.angersloiremetropole.fr, www.lahitaksi.fi, datasafe.fi, www.traficom.fi, www.pohjolanvoima.fi
Dismissed Targets(0):

Detected attack on 2025-12-23_10-50-09

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 10:50:09 +0000

The attacks attributed to noname057 primarily target websites in Finland, with notable mentions including services related to transportation, insurance, and energy. Key sites affected include those of local transport companies, insurance providers, and government services. Other impacted countries include France, with attacks on transport and municipal services. Overall, the focus appears to be on critical infrastructure and service providers in these regions.^{AI generated}
20 targets are under attack, 3 new targets and 17 targets from previous attack
New Targets(3): www.metro-rennes-metropole.fr, tramway.angersloiremetropole.fr, www.tam-voyages.com
Targets from prev attack(17): datasafe.fi, www.kela.fi, www.korrek.fi, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, katso.azurewebsites.net, www.lahitaksi.fi, www.lahitapiola.fi, ouluport.com, opas.matka.fi, www.localnet.fi, login.if-insurance.com, www.airpro.fi, www.traficom.fi, www.pohjolanvoima.fi, en.tallink.com, gasgrid.fi, www.if.fi
Dismissed Targets(0):

Detected attack on 2025-12-23_07-10-08

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 07:10:08 +0000

Noname057(16) has targeted various websites primarily in Finland. The attacked sites include those related to transportation, insurance, energy, and public services, indicating a focus on critical infrastructure and essential services within the country.^{AI generated}
17 targets are under attack, 3 new targets and 14 targets from previous attack
New Targets(3): katso.azurewebsites.net, login-euva-saasfaprod1.fa.ocs.oraclecloud.com, www.kela.fi
Targets from prev attack(14): www.lahitaksi.fi, www.lahitapiola.fi, www.korrek.fi, www.if.fi, gasgrid.fi, opas.matka.fi, ouluport.com, www.pohjolanvoima.fi, login.if-insurance.com, www.airpro.fi, en.tallink.com, www.traficom.fi, www.localnet.fi, datasafe.fi
Dismissed Targets(0):

Detected attack on 2025-12-23_07-05-10

codabar@42de.it (Alfredo Terrone) — Tue, 23 Dec 2025 07:05:10 +0000

Noname057(16) has targeted several websites primarily in Finland. The attacked sites include various sectors such as insurance, transportation, and energy. Key targets are websites like lahitaksi.fi, lahitapiola.fi, and if.fi, reflecting a focus on financial and service industries. Other notable attacks include sites related to transportation and logistics, such as en.tallink.com and ouluport.com. Overall, the attacks highlight a significant threat to Finnish online infrastructure.^{AI generated}
14 targets are under attack, 14 new targets and 0 targets from previous attack
New Targets(14): www.lahitaksi.fi, www.lahitapiola.fi, www.korrek.fi, www.if.fi, gasgrid.fi, opas.matka.fi, ouluport.com, www.pohjolanvoima.fi, login.if-insurance.com, www.airpro.fi, en.tallink.com, www.traficom.fi, www.localnet.fi, datasafe.fi
Targets from prev attack(0):
Dismissed Targets(32): www.unikie.com, enersense.com, zbx.skm.com.ua, energia.fi, helsinki.chamber.fi, nadu.com.ua, www.alarmcentralen.ax, vasemmisto.fi, www.kaukokiito.fi, oma.perussuomalaiset.fi, www.op.fi, kojamo.fi, vak.com.ua, www.neova-group.com, alampila.fi, akerarctic.fi, cacti.skm.com.ua, www.kokoomus.fi, triolan.com, skm.com.ua, smile2.likeit.fi, bill.skm.com.ua, www.taaleri.com, z.skm.com.ua, www.varusteleka.com, www.mariehamn.ax, www.ambetsverket.ax, www.fingrid.fi, tec.dp.ua, codento.com, pm5.skm.com.ua, disnet.com.ua

Detected attack on 2025-12-22_11-10-10

codabar@42de.it (Alfredo Terrone) — Mon, 22 Dec 2025 11:10:10 +0000

The attacks attributed to noname057 primarily target websites in Finland, Ukraine, and Sweden. Key sectors affected include e-commerce, energy, and local government services. Notable Finnish sites include varusteleka.com and fingrid.fi, while Ukrainian targets feature pm5.skm.com.ua and disnet.com.ua. The campaign highlights a focus on critical infrastructure and local businesses in these regions.^{AI generated}
32 targets are under attack, 12 new targets and 20 targets from previous attack
New Targets(12): nadu.com.ua, disnet.com.ua, vak.com.ua, tec.dp.ua, bill.skm.com.ua, z.skm.com.ua, pm5.skm.com.ua, zbx.skm.com.ua, skm.com.ua, cacti.skm.com.ua, triolan.com, www.taaleri.com
Targets from prev attack(20): www.kaukokiito.fi, www.varusteleka.com, www.neova-group.com, kojamo.fi, www.mariehamn.ax, smile2.likeit.fi, www.alarmcentralen.ax, www.fingrid.fi, www.op.fi, akerarctic.fi, oma.perussuomalaiset.fi, codento.com, www.unikie.com, enersense.com, vasemmisto.fi, www.ambetsverket.ax, alampila.fi, helsinki.chamber.fi, energia.fi, www.kokoomus.fi
Dismissed Targets(0):

Detected attack on 2025-12-22_07-05-08

codabar@42de.it (Alfredo Terrone) — Mon, 22 Dec 2025 07:05:08 +0000

The attacks by noname057(16) primarily targeted websites in Finland. Key sectors affected include political organizations, energy companies, and local businesses. Notable sites include codento.com, which is related to technology, and several Finnish political party websites such as oma.perussuomalaiset.fi and www.kokoomus.fi. Additionally, energy-related sites like enersense.com and www.fingrid.fi were also compromised.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): codento.com, oma.perussuomalaiset.fi, www.kokoomus.fi, enersense.com, www.fingrid.fi, alampila.fi, vasemmisto.fi, www.neova-group.com, www.unikie.com, www.op.fi, smile2.likeit.fi, energia.fi, www.kaukokiito.fi, www.alarmcentralen.ax, kojamo.fi, www.mariehamn.ax, www.varusteleka.com, www.ambetsverket.ax, akerarctic.fi, helsinki.chamber.fi
Targets from prev attack(0):
Dismissed Targets(12): netbutik.postnord.dk, konservative.dk, socialistiskfolkeparti.dk, copenhagensuborbitals.com, www.regionoest.dk, radikalevenstre.dk, borgernesparti.dk, login.konservative.dk, www.transportministeriet.dk, ntg.com, nordicshipping.csl-consult.dk, ringsted.dk

Detected attack on 2025-12-21_07-15-08

codabar@42de.it (Alfredo Terrone) — Sun, 21 Dec 2025 07:15:08 +0000

Noname057(16) has targeted various websites primarily from Denmark. The attacked sites include government, political party, and commercial platforms, highlighting a focus on Danish institutions and organizations. Notable targets include ringsted.dk, copenhagensuborbitals.com, and several political party websites such as konservative.dk and socialistiskfolkeparti.dk.^{AI generated}
12 targets are under attack, 12 new targets and 0 targets from previous attack
New Targets(12): ringsted.dk, copenhagensuborbitals.com, www.regionoest.dk, konservative.dk, netbutik.postnord.dk, nordicshipping.csl-consult.dk, www.transportministeriet.dk, radikalevenstre.dk, ntg.com, borgernesparti.dk, socialistiskfolkeparti.dk, login.konservative.dk
Targets from prev attack(0):
Dismissed Targets(12): www.scangl.dk, www.onlinebutik.dk, www.taarnby.dk, www.qq.dk, energinet.dk, accountant.dk, portofkalundborg.dk, handelsretten.dk, www.nrg.dk, www.borger.dk, rigsadvokaten.dk, byret.dk

Detected attack on 2025-12-20_10-15-08

codabar@42de.it (Alfredo Terrone) — Sat, 20 Dec 2025 10:15:08 +0000

Noname057(16) has targeted several Danish websites, primarily affecting the country of Denmark. The attacked sites include government and public service platforms, as well as various local businesses and organizations. This indicates a focus on disrupting services and accessing sensitive information within Denmark.^{AI generated}
12 targets are under attack, 0 new targets and 12 targets from previous attack
New Targets(0):
Targets from prev attack(12): www.qq.dk, energinet.dk, portofkalundborg.dk, byret.dk, accountant.dk, handelsretten.dk, www.onlinebutik.dk, www.borger.dk, www.scangl.dk, www.nrg.dk, rigsadvokaten.dk, www.taarnby.dk
Dismissed Targets(1): www.postnord.dk

Detected attack on 2025-12-20_07-05-09

codabar@42de.it (Alfredo Terrone) — Sat, 20 Dec 2025 07:05:09 +0000

Noname057(16) has targeted several Danish websites, primarily affecting Denmark. The attacked sites include government portals, legal institutions, and various online services. Notable targets are postnord.dk, borger.dk, and handelsretten.dk, indicating a focus on critical infrastructure and public services within the country.^{AI generated}
13 targets are under attack, 12 new targets and 1 targets from previous attack
New Targets(12): www.taarnby.dk, www.onlinebutik.dk, www.borger.dk, accountant.dk, handelsretten.dk, byret.dk, rigsadvokaten.dk, energinet.dk, www.qq.dk, portofkalundborg.dk, www.scangl.dk, www.nrg.dk
Targets from prev attack(1): www.postnord.dk
Dismissed Targets(29): testhvidvask.politi.dk, www.vmr.gov.ua, solrod.dk, zp.gov.ua, www.dr.dk, www.karstensens.dk, orsted.com, studieweb.politi.dk, ingo.ua, eia.com.ua, www.roskilde.dk, holbaek.dk, soroe.dk, adm.dp.gov.ua, login.politi.dk, statistik.politi.dk, amstor.com, smr.gov.ua, lansys.com.ua, www.gn.com, www.kd-life.com.ua, logistics.postnord.dk, orsted.dk, studiewebtestsite.politi.dk, stevns.dk, greve.dk, www.aal.dk, insk.com.ua, atkweb.politi.dk

Detected attack on 2025-12-19_16-00-14

codabar@42de.it (Alfredo Terrone) — Fri, 19 Dec 2025 16:00:14 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Key sectors affected include logistics, government, and educational platforms. Notable targets include PostNord and Ørsted in Denmark, as well as various government and educational institutions in Ukraine.^{AI generated}
30 targets are under attack, 0 new targets and 30 targets from previous attack
New Targets(0):
Targets from prev attack(30): www.postnord.dk, greve.dk, www.kd-life.com.ua, orsted.com, ingo.ua, zp.gov.ua, lansys.com.ua, logistics.postnord.dk, smr.gov.ua, login.politi.dk, orsted.dk, www.aal.dk, statistik.politi.dk, testhvidvask.politi.dk, stevns.dk, www.karstensens.dk, atkweb.politi.dk, holbaek.dk, soroe.dk, adm.dp.gov.ua, solrod.dk, insk.com.ua, www.roskilde.dk, www.vmr.gov.ua, studieweb.politi.dk, studiewebtestsite.politi.dk, amstor.com, www.dr.dk, eia.com.ua, www.gn.com
Dismissed Targets(1): radikalevenstre.dk

Detected attack on 2025-12-19_15-55-10

codabar@42de.it (Alfredo Terrone) — Fri, 19 Dec 2025 15:55:10 +0000

The attacks attributed to noname057 primarily targeted websites in Denmark and Ukraine. Key Danish sites include government and logistics platforms such as postnord.dk, orsted.com, and various local municipality websites. In Ukraine, the focus was on government and educational sites, including ingo.ua and zp.gov.ua. The attacks highlight a significant interest in both governmental and logistical infrastructures in these countries.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): www.postnord.dk, greve.dk, www.kd-life.com.ua, orsted.com, ingo.ua, zp.gov.ua, lansys.com.ua, logistics.postnord.dk, smr.gov.ua, login.politi.dk, orsted.dk, www.aal.dk, statistik.politi.dk, testhvidvask.politi.dk, stevns.dk, www.karstensens.dk, atkweb.politi.dk, holbaek.dk, radikalevenstre.dk, soroe.dk, adm.dp.gov.ua, solrod.dk, insk.com.ua, www.roskilde.dk, www.vmr.gov.ua, studieweb.politi.dk, studiewebtestsite.politi.dk, amstor.com, www.dr.dk, eia.com.ua, www.gn.com
Dismissed Targets(4): socialistiskfolkeparti.dk, login.konservative.dk, borgernesparti.dk, konservative.dk

Detected attack on 2025-12-19_11-10-09

codabar@42de.it (Alfredo Terrone) — Fri, 19 Dec 2025 11:10:09 +0000

The attacks by noname057 primarily targeted websites in Denmark and Ukraine. Key Danish sites include various government and political party websites such as politi.dk, socialistiskfolkeparti.dk, and postnord.dk. In Ukraine, the attacks affected sites like insk.com.ua, zp.gov.ua, and eia.com.ua, among others. The focus appears to be on disrupting governmental and political entities in these two countries.^{AI generated}
35 targets are under attack, 10 new targets and 25 targets from previous attack
New Targets(10): lansys.com.ua, insk.com.ua, www.kd-life.com.ua, zp.gov.ua, amstor.com, adm.dp.gov.ua, smr.gov.ua, www.vmr.gov.ua, eia.com.ua, ingo.ua
Targets from prev attack(25): atkweb.politi.dk, login.politi.dk, statistik.politi.dk, socialistiskfolkeparti.dk, greve.dk, login.konservative.dk, orsted.dk, solrod.dk, borgernesparti.dk, www.postnord.dk, studieweb.politi.dk, studiewebtestsite.politi.dk, radikalevenstre.dk, konservative.dk, logistics.postnord.dk, www.dr.dk, holbaek.dk, orsted.com, www.roskilde.dk, www.aal.dk, www.karstensens.dk, testhvidvask.politi.dk, www.gn.com, soroe.dk, stevns.dk
Dismissed Targets(0):

Detected attack on 2025-12-19_07-50-08

codabar@42de.it (Alfredo Terrone) — Fri, 19 Dec 2025 07:50:08 +0000

Noname057(16) has targeted various websites primarily in Denmark, affecting government, political party, and corporate sites. Key targets include the Danish police, political parties such as Radikale Venstre and Konservative, and major companies like Ørsted and PostNord. The attacks highlight a concentrated effort against Danish digital infrastructure.^{AI generated}
25 targets are under attack, 25 new targets and 0 targets from previous attack
New Targets(25): studiewebtestsite.politi.dk, stevns.dk, radikalevenstre.dk, orsted.com, konservative.dk, www.postnord.dk, soroe.dk, www.roskilde.dk, borgernesparti.dk, atkweb.politi.dk, www.aal.dk, www.dr.dk, socialistiskfolkeparti.dk, statistik.politi.dk, testhvidvask.politi.dk, www.gn.com, greve.dk, orsted.dk, studieweb.politi.dk, holbaek.dk, login.konservative.dk, solrod.dk, www.karstensens.dk, logistics.postnord.dk, login.politi.dk
Targets from prev attack(0):
Dismissed Targets(28): kompek.rada.gov.ua, netbutik.postnord.dk, komzakonpr.rada.gov.ua, www.hplush.com, komnbor.rada.gov.ua, vejafgifter.dk, vesthimmerland.dk, systemtm.com, www.vallensbaek.dk, kompravpol.rada.gov.ua, komsamovr.rada.gov.ua, www.terma.com, en.midtjyllandslufthavn.dk, copenhagensuborbitals.com, www.regionoest.dk, www.halsnaes.dk, www.gyldendal.dk, www.glostrup.dk, komtrans.rada.gov.ua, www.transportministeriet.dk, rudersdal.dk, www.aars.dk, www.helsingor.dk, kompravlud.rada.gov.ua, komfinbank.rada.gov.ua, ringsted.dk, storebaelt.dk, www.hvidovre.dk

Detected attack on 2025-12-18_11-05-33

codabar@42de.it (Alfredo Terrone) — Thu, 18 Dec 2025 11:05:33 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Key Danish sites include various municipal and regional government portals such as vallensbaek.dk and rudersdal.dk, as well as private companies like terma.com and copenhagensuborbitals.com. In Ukraine, the attackers focus on multiple government-related sites, including kompravlud.rada.gov.ua and komfinbank.rada.gov.ua. Overall, the campaign shows a significant concentration of attacks on Danish municipalities and Ukrainian government entities.^{AI generated}
28 targets are under attack, 8 new targets and 20 targets from previous attack
New Targets(8): komtrans.rada.gov.ua, komnbor.rada.gov.ua, komfinbank.rada.gov.ua, komzakonpr.rada.gov.ua, komsamovr.rada.gov.ua, kompravpol.rada.gov.ua, kompravlud.rada.gov.ua, kompek.rada.gov.ua
Targets from prev attack(20): www.vallensbaek.dk, rudersdal.dk, www.aars.dk, copenhagensuborbitals.com, www.hvidovre.dk, netbutik.postnord.dk, www.regionoest.dk, www.terma.com, vesthimmerland.dk, en.midtjyllandslufthavn.dk, www.gyldendal.dk, www.hplush.com, www.helsingor.dk, vejafgifter.dk, www.halsnaes.dk, www.transportministeriet.dk, storebaelt.dk, systemtm.com, ringsted.dk, www.glostrup.dk
Dismissed Targets(0):

Detected attack on 2025-12-18_07-25-12

codabar@42de.it (Alfredo Terrone) — Thu, 18 Dec 2025 07:25:12 +0000

The attacks by noname057 primarily targeted websites in Denmark, affecting various local government sites and organizations. Key cities under attack include Rudersdal, Hørsholm, Aars, Hvidovre, and Helsingør, along with other notable institutions and companies such as Copenhagen Suborbitals and Terma.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): rudersdal.dk, www.halsnaes.dk, www.hvidovre.dk, www.aars.dk, copenhagensuborbitals.com, vejafgifter.dk, netbutik.postnord.dk, www.vallensbaek.dk, www.hplush.com, vesthimmerland.dk, www.helsingor.dk, ringsted.dk, www.glostrup.dk, systemtm.com, en.midtjyllandslufthavn.dk, www.regionoest.dk, www.terma.com, www.gyldendal.dk, www.transportministeriet.dk, storebaelt.dk
Targets from prev attack(0):
Dismissed Targets(32): ntg.com, bycyklen.dk, www.autokraz.com.ua, www.morsoe.dk, nordicshipping.csl-consult.dk, naalakkersuisut.gl, mors.dk, ukraine.um.dk, sparing-vist.ua, sts.dsv.com, thetradecouncil.dk, www.scandlines.com, www.scangl.dk, athlonavia.com, www.rn.dk, www.nrg.dk, www.mariagerfjord.dk, www.dst.dk, sso.dsv.com, advokatsamfundet.dk, www.bws.net, chezara-telemetria.com, ens.dk, www.azot.com.ua, www.sullissivik.gl, www.inatsisartut.gl, da.leman.com, deviro.ua, tochprilad.com, portofkalundborg.dk, ukrjet.ua, mydsv.com

Detected attack on 2025-12-17_11-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 17 Dec 2025 11:10:09 +0000

Noname057(16) has targeted various websites primarily in Ukraine and Denmark. The attacks include Ukrainian sites such as ukrjet.ua, autokraz.com.ua, and azot.com.ua, indicating a focus on Ukrainian interests. Danish targets include thetradecouncil.dk, ens.dk, and bws.net, reflecting a significant presence of attacks in Denmark as well. Other affected countries include Greenland, with sites like naalakkersuisut.gl and sullissivik.gl under attack. Overall, the primary countries under attack are Ukraine and Denmark, with additional impacts on Greenland.^{AI generated}
32 targets are under attack, 8 new targets and 24 targets from previous attack
New Targets(8): ukrjet.ua, chezara-telemetria.com, www.azot.com.ua, www.autokraz.com.ua, sparing-vist.ua, tochprilad.com, athlonavia.com, deviro.ua
Targets from prev attack(24): thetradecouncil.dk, ens.dk, advokatsamfundet.dk, ntg.com, www.nrg.dk, www.morsoe.dk, www.bws.net, sts.dsv.com, www.rn.dk, da.leman.com, www.scangl.dk, naalakkersuisut.gl, www.sullissivik.gl, bycyklen.dk, mors.dk, ukraine.um.dk, www.mariagerfjord.dk, www.dst.dk, portofkalundborg.dk, sso.dsv.com, www.inatsisartut.gl, mydsv.com, www.scandlines.com, nordicshipping.csl-consult.dk
Dismissed Targets(0):

Detected attack on 2025-12-17_07-10-09

codabar@42de.it (Alfredo Terrone) — Wed, 17 Dec 2025 07:10:09 +0000

The attacks attributed to noname057(16) primarily targeted websites in Denmark and Greenland, including government sites, shipping companies, and various local services. Notable sites affected include the Greenlandic government (naalakkersuisut.gl), Danish shipping and logistics companies (ntg.com, mydsv.com), and local municipalities (mariagerfjord.dk, morsoe.dk). Additionally, there were attacks on Denmark's energy sector (ens.dk, nrg.dk) and legal organizations (advokatsamfundet.dk). The presence of Ukrainian sites (ukraine.um.dk) indicates a broader geopolitical context in these cyber incidents.^{AI generated}
24 targets are under attack, 24 new targets and 0 targets from previous attack
New Targets(24): naalakkersuisut.gl, ntg.com, mydsv.com, nordicshipping.csl-consult.dk, bycyklen.dk, www.mariagerfjord.dk, www.rn.dk, thetradecouncil.dk, www.morsoe.dk, ukraine.um.dk, www.inatsisartut.gl, mors.dk, www.scandlines.com, ens.dk, www.nrg.dk, advokatsamfundet.dk, sso.dsv.com, www.scangl.dk, www.bws.net, da.leman.com, sts.dsv.com, portofkalundborg.dk, www.sullissivik.gl, www.dst.dk
Targets from prev attack(0):
Dismissed Targets(22): www.tinglysning.dk, lreri.tripod.com, www.dmi.dk, accountant.dk, www.molslinjen.dk, bofa.dk, www.materials.kiev.ua, www.retsinformation.dk, www.borger.dk, merydian.kiev.ua, www.ism.kiev.ua, temp3000.com, en.energinet.dk, energinet.dk, www.onlinebutik.dk, www.bogholder.dk, www.qq.dk, seenons.com, www.hofor.dk, mit.dk, danskehavne.dk, www.orion.te.ua

Detected attack on 2025-12-16_11-05-12

codabar@42de.it (Alfredo Terrone) — Tue, 16 Dec 2025 11:05:12 +0000

The attacks attributed to noname057 primarily target websites in Denmark and Ukraine. Key Danish sites include government and financial institutions, while Ukrainian targets involve various organizations and businesses. The attacks indicate a focus on critical infrastructure and service providers in these countries.^{AI generated}
22 targets are under attack, 6 new targets and 16 targets from previous attack
New Targets(6): lreri.tripod.com, www.materials.kiev.ua, www.ism.kiev.ua, www.orion.te.ua, merydian.kiev.ua, temp3000.com
Targets from prev attack(16): www.borger.dk, energinet.dk, mit.dk, www.molslinjen.dk, bofa.dk, www.retsinformation.dk, www.bogholder.dk, www.hofor.dk, www.onlinebutik.dk, seenons.com, danskehavne.dk, accountant.dk, www.tinglysning.dk, www.qq.dk, en.energinet.dk, www.dmi.dk
Dismissed Targets(0):

Detected attack on 2025-12-16_07-10-09

codabar@42de.it (Alfredo Terrone) — Tue, 16 Dec 2025 07:10:09 +0000

Noname057(16) has targeted various websites primarily in Denmark. The attacked sites include those related to transportation, government services, and online retail. Key sectors affected are public services, energy, and commerce, highlighting a concentrated focus on Danish digital infrastructure.^{AI generated}
16 targets are under attack, 3 new targets and 13 targets from previous attack
New Targets(3): seenons.com, energinet.dk, bofa.dk
Targets from prev attack(13): www.onlinebutik.dk, danskehavne.dk, accountant.dk, www.molslinjen.dk, www.borger.dk, www.retsinformation.dk, www.tinglysning.dk, www.bogholder.dk, www.dmi.dk, www.qq.dk, www.hofor.dk, mit.dk, en.energinet.dk
Dismissed Targets(0):

Detected attack on 2025-12-16_07-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 16 Dec 2025 07:05:08 +0000

Noname057(16) has targeted several Danish websites, primarily affecting entities in Denmark. The attacked sites include various sectors such as transportation, government services, and online retail, highlighting a focus on critical infrastructure and public services within the country.^{AI generated}
13 targets are under attack, 13 new targets and 0 targets from previous attack
New Targets(13): www.onlinebutik.dk, danskehavne.dk, accountant.dk, www.molslinjen.dk, www.borger.dk, www.retsinformation.dk, www.tinglysning.dk, www.bogholder.dk, www.dmi.dk, www.qq.dk, www.hofor.dk, mit.dk, en.energinet.dk
Targets from prev attack(0):
Dismissed Targets(31): cnap.gov.ua, askods.com, www.taarnby.dk, aesgroup.com.ua, www.aska-life.com.ua, www.bti.sumy.ua, byret.dk, cabinet.teplo.od.ua, www.ferrexpo.ua, www.rk.dk, politi.dk, www.bronderslev.dk, www.jammerbugt.dk, dinoffentligetransport.dk, rebild.dk, keramet.com.ua, www.dsb.dk, bm.dk, ac.dozvil-kiev.gov.ua, www.teplo.od.ua, www.odense.dk, gentofte.dk, rigsadvokaten.dk, vurdst.dk, handelsretten.dk, www.fmn.dk, www.vejle.dk, ishoj.dk, www.trm.dk, erc.ua, anklagemyndigheden.dk

Detected attack on 2025-12-16_06-30-09

codabar@42de.it (Alfredo Terrone) — Tue, 16 Dec 2025 06:30:09 +0000

Noname057(16) has targeted various websites primarily in Denmark and Ukraine. The main countries under attack include Denmark, with numerous local government and institutional sites such as bm.dk, vejle.dk, and politi.dk, alongside Ukraine, where sites like erc.ua and ferrexpo.ua are affected.^{AI generated}
31 targets are under attack, 0 new targets and 31 targets from previous attack
New Targets(0):
Targets from prev attack(31): bm.dk, www.bronderslev.dk, rigsadvokaten.dk, vurdst.dk, erc.ua, www.ferrexpo.ua, www.vejle.dk, ac.dozvil-kiev.gov.ua, anklagemyndigheden.dk, gentofte.dk, aesgroup.com.ua, politi.dk, ishoj.dk, cabinet.teplo.od.ua, www.dsb.dk, www.fmn.dk, askods.com, www.bti.sumy.ua, www.teplo.od.ua, www.jammerbugt.dk, www.aska-life.com.ua, dinoffentligetransport.dk, www.rk.dk, keramet.com.ua, byret.dk, rebild.dk, www.odense.dk, handelsretten.dk, cnap.gov.ua, www.trm.dk, www.taarnby.dk
Dismissed Targets(1): www.borger.dk

Detected attack on 2025-12-15_11-15-39

codabar@42de.it (Alfredo Terrone) — Mon, 15 Dec 2025 11:15:39 +0000

Noname057(16) has primarily targeted websites in Denmark and Ukraine. The attacks include various local government and public service sites in Denmark, such as gentofte.dk and politi.dk, as well as multiple Ukrainian sites, including erc.ua and ferrexpo.ua. The campaign highlights a focus on both national institutions and private companies within these two countries.^{AI generated}
32 targets are under attack, 11 new targets and 21 targets from previous attack
New Targets(11): keramet.com.ua, erc.ua, askods.com, cnap.gov.ua, www.aska-life.com.ua, ac.dozvil-kiev.gov.ua, www.bti.sumy.ua, www.teplo.od.ua, cabinet.teplo.od.ua, www.ferrexpo.ua, aesgroup.com.ua
Targets from prev attack(21): gentofte.dk, www.bronderslev.dk, politi.dk, anklagemyndigheden.dk, www.dsb.dk, vurdst.dk, ishoj.dk, www.odense.dk, bm.dk, www.taarnby.dk, rigsadvokaten.dk, www.trm.dk, www.rk.dk, www.fmn.dk, www.borger.dk, byret.dk, www.vejle.dk, handelsretten.dk, www.jammerbugt.dk, rebild.dk, dinoffentligetransport.dk
Dismissed Targets(0):

Detected attack on 2025-12-15_09-20-09

codabar@42de.it (Alfredo Terrone) — Mon, 15 Dec 2025 09:20:09 +0000

The attacks attributed to noname057 primarily target websites in Denmark. Key sectors affected include government services, public transportation, and local municipalities, indicating a focus on critical infrastructure and public resources within the country.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.rk.dk, vurdst.dk, ishoj.dk, byret.dk, gentofte.dk, www.trm.dk, www.taarnby.dk, www.fmn.dk, politi.dk, rebild.dk, handelsretten.dk, www.jammerbugt.dk, rigsadvokaten.dk, bm.dk, www.odense.dk, dinoffentligetransport.dk, anklagemyndigheden.dk, www.dsb.dk, www.bronderslev.dk, www.vejle.dk, www.borger.dk
Targets from prev attack(0):
Dismissed Targets(17): www.sibelga.be, www.asco.be, www.regioleverancier.be, www.tax-on-web.be, www.kuleuven.be, www.limburg.be, www.vlaamsbrabant.be, authentication.antwerpen.be, www.sabca.be, fnh.com, www.craneww.com, www.parlement-wallonie.be, www.provincedeliege.be, wallex.wallonie.be, www.wallonie.be, www.abx.com, agzportservices.com

Detected attack on 2025-12-13_07-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 13 Dec 2025 07:10:08 +0000

NoName057(16) has targeted various websites primarily in Belgium, including government and educational institutions. The main affected sites include those from the Flemish Brabant region, Wallonia, and notable organizations such as KU Leuven and Sibelga. Other targeted entities encompass tax services and regional suppliers, highlighting a focus on local governmental and infrastructural sectors.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.vlaamsbrabant.be, www.kuleuven.be, www.regioleverancier.be, www.craneww.com, wallex.wallonie.be, authentication.antwerpen.be, www.asco.be, www.tax-on-web.be, www.sibelga.be, www.wallonie.be, agzportservices.com, www.provincedeliege.be, www.limburg.be, www.parlement-wallonie.be, www.sabca.be, www.abx.com, fnh.com
Targets from prev attack(0):
Dismissed Targets(22): www2.telenet.be, www.lez.brussels, www.openvld.be, skm.com.ua, www.lesengages.be, visit.gent.be, cacti.skm.com.ua, www.migremont.zp.ua, www.vlaamsbelang.org, z.skm.com.ua, pm5.skm.com.ua, lez.antwerpen.be, www.stib-mivb.be, www.antonov.com, mijn.vlaamsbelang.org, www.cpbourg.com, bill.skm.com.ua, narp.ua, ecolo.be, www.arsenalcdb.com.ua, www.scarlet.be, zbx.skm.com.ua

Detected attack on 2025-12-12_15-55-11

codabar@42de.it (Alfredo Terrone) — Fri, 12 Dec 2025 15:55:11 +0000

The attacks attributed to noname057(16) primarily target websites in Belgium and Ukraine. Notable sites affected include various Belgian political and organizational platforms, such as vlaamsbelang.org and stib-mivb.be, as well as Ukrainian sites like antonov.com and cacti.skm.com.ua. This indicates a focus on both national and regional entities within these countries.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): visit.gent.be, www.scarlet.be, cacti.skm.com.ua, www.lez.brussels, www.arsenalcdb.com.ua, www.vlaamsbelang.org, www.antonov.com, narp.ua, www2.telenet.be, pm5.skm.com.ua, bill.skm.com.ua, www.cpbourg.com, www.stib-mivb.be, www.openvld.be, z.skm.com.ua, mijn.vlaamsbelang.org, lez.antwerpen.be, www.lesengages.be, www.migremont.zp.ua, zbx.skm.com.ua, skm.com.ua, ecolo.be
Dismissed Targets(8): login.prd.telenet.be, hbs-acc.economie.fgov.be, www.lo-reninge.be, nuclear.engie-electrabel.be, www.mr.be, alimak.com, www.proximus.com, www.linkebeek.be

Detected attack on 2025-12-12_11-10-11

codabar@42de.it (Alfredo Terrone) — Fri, 12 Dec 2025 11:10:11 +0000

The sites attacked by noname057 predominantly belong to organizations in Ukraine and Belgium. Key targets include Ukrainian sites like zbx.skm.com.ua and narp.ua, as well as various Belgian websites such as login.prd.telenet.be and hbs-acc.economie.fgov.be. Other notable countries involved in the attacks are represented by sites related to telecommunications and government services in Belgium.^{AI generated}
30 targets are under attack, 10 new targets and 20 targets from previous attack
New Targets(10): pm5.skm.com.ua, zbx.skm.com.ua, cacti.skm.com.ua, www.migremont.zp.ua, narp.ua, skm.com.ua, bill.skm.com.ua, www.antonov.com, www.arsenalcdb.com.ua, z.skm.com.ua
Targets from prev attack(20): login.prd.telenet.be, hbs-acc.economie.fgov.be, www2.telenet.be, www.lo-reninge.be, www.mr.be, nuclear.engie-electrabel.be, www.openvld.be, alimak.com, visit.gent.be, www.proximus.com, www.stib-mivb.be, lez.antwerpen.be, www.linkebeek.be, mijn.vlaamsbelang.org, www.lez.brussels, www.lesengages.be, ecolo.be, www.vlaamsbelang.org, www.scarlet.be, www.cpbourg.com
Dismissed Targets(0):

Detected attack on 2025-12-12_08-00-11

codabar@42de.it (Alfredo Terrone) — Fri, 12 Dec 2025 08:00:11 +0000

The attacks by noname057 primarily targeted websites in Belgium. Key sites affected include those related to local governments, telecommunications, and political organizations, such as www.lez.brussels, www.scarlet.be, and www.proximus.com. Other notable targets include various municipal and political party sites, indicating a focus on both public services and political entities within the country.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.lez.brussels, www.scarlet.be, visit.gent.be, www.cpbourg.com, www.proximus.com, alimak.com, www.stib-mivb.be, www2.telenet.be, mijn.vlaamsbelang.org, www.linkebeek.be, www.lesengages.be, www.vlaamsbelang.org, hbs-acc.economie.fgov.be, login.prd.telenet.be, ecolo.be, lez.antwerpen.be, www.lo-reninge.be, www.openvld.be, www.mr.be, nuclear.engie-electrabel.be
Targets from prev attack(0):
Dismissed Targets(29): lontzen.be, www.wezembeek-oppem.be, agro-ukraine.com, www.kd-life.com.ua, www.beobank.be, vertol.com.ua, tec.dp.ua, aeroprakt.kiev.ua, www.bever-bievene.be, www.eupen.be, www.mesen.be, www.ulf.com.ua, www.ukravtoline.com.ua, www.wemmel.be, nadu.com.ua, www.drogenbos.be, buellingen.be, www.europabank.be, www.kvorum.com.ua, vsenergy.com.ua, agrarka.com, www.waimes.be, www.sint-genesius-rode.be, enghien-auth.guichet-citoyen.be, www.flobecq.be, kniazha.ua, www.kelmis.be, www.kraainem.be, www.ronse.be

Detected attack on 2025-12-11_11-05-27

codabar@42de.it (Alfredo Terrone) — Thu, 11 Dec 2025 11:05:27 +0000

The attacks attributed to noname057(16) primarily targeted websites from Ukraine and Belgium. Key Ukrainian sites include those related to agriculture, aviation, and energy, such as www.ulf.com.ua and www.ukravtoline.com.ua. Belgian targets encompass various sectors, including banking and local government services, with sites like www.europabank.be and www.enghien-auth.guichet-citoyen.be. This indicates a focus on critical infrastructure and services in both countries.^{AI generated}
29 targets are under attack, 12 new targets and 17 targets from previous attack
New Targets(12): aeroprakt.kiev.ua, www.ukravtoline.com.ua, nadu.com.ua, www.ulf.com.ua, agro-ukraine.com, vertol.com.ua, kniazha.ua, www.kd-life.com.ua, agrarka.com, www.kvorum.com.ua, vsenergy.com.ua, tec.dp.ua
Targets from prev attack(17): www.kelmis.be, www.bever-bievene.be, www.waimes.be, www.beobank.be, www.sint-genesius-rode.be, www.ronse.be, lontzen.be, buellingen.be, enghien-auth.guichet-citoyen.be, www.drogenbos.be, www.eupen.be, www.mesen.be, www.flobecq.be, www.kraainem.be, www.wemmel.be, www.wezembeek-oppem.be, www.europabank.be
Dismissed Targets(0):

Detected attack on 2025-12-11_07-20-12

codabar@42de.it (Alfredo Terrone) — Thu, 11 Dec 2025 07:20:12 +0000

The attacks by noname057(16) primarily targeted websites in Belgium. The affected sites include various local and regional entities such as banks, municipalities, and community services. This indicates a focused effort on Belgian digital infrastructure.^{AI generated}
17 targets are under attack, 3 new targets and 14 targets from previous attack
New Targets(3): www.eupen.be, www.kelmis.be, lontzen.be
Targets from prev attack(14): www.beobank.be, www.flobecq.be, buellingen.be, www.wezembeek-oppem.be, www.bever-bievene.be, www.wemmel.be, www.sint-genesius-rode.be, enghien-auth.guichet-citoyen.be, www.waimes.be, www.drogenbos.be, www.ronse.be, www.mesen.be, www.europabank.be, www.kraainem.be
Dismissed Targets(0):

Detected attack on 2025-12-11_07-15-09

codabar@42de.it (Alfredo Terrone) — Thu, 11 Dec 2025 07:15:09 +0000

The attacks by noname057(16) primarily targeted websites in Belgium. Notable cities affected include Beobank in Brussels, Flobecq, Büllingen, Wezembeek-Oppem, Ronse, Europa Bank, Mesen, Wemmel, Sint-Genesius-Rode, Waimes, Drogenbos, Enghien, and Bever. These attacks highlight a concentrated effort against various local government and banking websites across the country.^{AI generated}
14 targets are under attack, 3 new targets and 11 targets from previous attack
New Targets(3): www.beobank.be, www.europabank.be, buellingen.be
Targets from prev attack(11): www.flobecq.be, www.bever-bievene.be, www.wezembeek-oppem.be, www.ronse.be, www.wemmel.be, www.sint-genesius-rode.be, www.waimes.be, www.drogenbos.be, enghien-auth.guichet-citoyen.be, www.mesen.be, www.kraainem.be
Dismissed Targets(0):

Detected attack on 2025-12-11_07-10-08

codabar@42de.it (Alfredo Terrone) — Thu, 11 Dec 2025 07:10:08 +0000

Noname057(16) has targeted several websites primarily in Belgium. The attacked sites include municipal and local government platforms, indicating a focus on regional authorities. Key cities under attack include Waimes, Kraainem, Wemmel, Sint-Genesius-Rode, Mesen, Bever-Bijvenne, Wezembeek-Oppem, Drogenbos, Ronse, Flobecq, and Enghien.^{AI generated}
11 targets are under attack, 5 new targets and 6 targets from previous attack
New Targets(5): www.waimes.be, www.wemmel.be, www.wezembeek-oppem.be, www.flobecq.be, enghien-auth.guichet-citoyen.be
Targets from prev attack(6): www.kraainem.be, www.sint-genesius-rode.be, www.mesen.be, www.bever-bievene.be, www.drogenbos.be, www.ronse.be
Dismissed Targets(5): www.skywin.be, www.asco.be, www.provincedeliege.be, planetsecuritygroup.com, fnh.com

Detected attack on 2025-12-11_07-05-09

codabar@42de.it (Alfredo Terrone) — Thu, 11 Dec 2025 07:05:09 +0000

Noname057(16) has targeted several websites primarily located in Belgium, including government and local municipality sites such as www.skywin.be, www.asco.be, and www.provincedeliege.be. Other attacked sites include various local entities like www.kraainem.be and www.sint-genesius-rode.be, as well as businesses such as planetsecuritygroup.com and fnh.com. The attacks highlight a focus on Belgian organizations and local governance.^{AI generated}
11 targets are under attack, 6 new targets and 5 targets from previous attack
New Targets(6): www.kraainem.be, www.sint-genesius-rode.be, www.mesen.be, www.bever-bievene.be, www.drogenbos.be, www.ronse.be
Targets from prev attack(5): www.skywin.be, www.asco.be, www.provincedeliege.be, planetsecuritygroup.com, fnh.com
Dismissed Targets(23): www.dieterengroup.com, www.parlement-wallonie.be, www.sibelga.be, rada-poltava.gov.ua, www.vivaqua.be, www.rada-poltava.gov.ua, www.deme-group.com, smr.gov.ua, www.publicprocurement.be, www.fluxys.com, www.vmr.gov.ua, zp.gov.ua, wallex.wallonie.be, www.tax-on-web.be, www.elia.be, adm.dp.gov.ua, www.cmb.be, loga.gov.ua, www.eliagroup.eu, www.katoennatie.com, www.monarchie.be, www.abx.com, mariupolrada.gov.ua

Detected attack on 2025-12-10_14-45-09

codabar@42de.it (Alfredo Terrone) — Wed, 10 Dec 2025 14:45:09 +0000

The attacks attributed to noname057 primarily targeted websites in Ukraine and Belgium. Notable Ukrainian sites include various government portals such as mariupolrada.gov.ua and zp.gov.ua, indicating a focus on local governance and public services. In Belgium, multiple entities, including provincial and municipal websites like www.provincedeliege.be and www.parlement-wallonie.be, were affected, highlighting a broader assault on governmental and corporate infrastructures.^{AI generated}
28 targets are under attack, 0 new targets and 28 targets from previous attack
New Targets(0):
Targets from prev attack(28): mariupolrada.gov.ua, www.asco.be, www.provincedeliege.be, www.katoennatie.com, www.tax-on-web.be, www.eliagroup.eu, zp.gov.ua, planetsecuritygroup.com, www.parlement-wallonie.be, rada-poltava.gov.ua, smr.gov.ua, www.abx.com, loga.gov.ua, www.deme-group.com, www.publicprocurement.be, www.vivaqua.be, www.dieterengroup.com, adm.dp.gov.ua, www.elia.be, www.sibelga.be, www.rada-poltava.gov.ua, www.cmb.be, wallex.wallonie.be, www.vmr.gov.ua, www.skywin.be, fnh.com, www.monarchie.be, www.fluxys.com
Dismissed Targets(11): stat.sunnet.ua, utels.ua, stat.utels.ua, maxnet.ua, www.intelekt.net, www.tenet.ua, my.digicom.ua, billing.intelekt.cv.ua, digicom.ua, sunnet.ua, my.maxnet.ua

Detected attack on 2025-12-10_14-30-09

codabar@42de.it (Alfredo Terrone) — Wed, 10 Dec 2025 14:30:09 +0000

Noname057(16) has targeted various websites primarily located in Belgium and Ukraine. The main countries under attack include Belgium, with numerous government and corporate sites such as cmb.be, parlement-wallonie.be, and elia.be, as well as Ukraine, featuring sites like stat.utels.ua, smr.gov.ua, and rada-poltava.gov.ua. The attacks appear to focus on both public institutions and private companies, indicating a broad range of interests in these regions.^{AI generated}
39 targets are under attack, 8 new targets and 31 targets from previous attack
New Targets(8): www.vmr.gov.ua, zp.gov.ua, smr.gov.ua, www.rada-poltava.gov.ua, rada-poltava.gov.ua, adm.dp.gov.ua, loga.gov.ua, mariupolrada.gov.ua
Targets from prev attack(31): www.cmb.be, www.parlement-wallonie.be, www.katoennatie.com, www.monarchie.be, fnh.com, stat.utels.ua, digicom.ua, www.publicprocurement.be, www.asco.be, www.vivaqua.be, www.skywin.be, sunnet.ua, www.dieterengroup.com, www.eliagroup.eu, billing.intelekt.cv.ua, wallex.wallonie.be, stat.sunnet.ua, my.maxnet.ua, planetsecuritygroup.com, www.fluxys.com, www.provincedeliege.be, www.elia.be, www.tenet.ua, my.digicom.ua, maxnet.ua, www.abx.com, utels.ua, www.intelekt.net, www.sibelga.be, www.deme-group.com, www.tax-on-web.be
Dismissed Targets(0):

Detected attack on 2025-12-10_11-05-09

codabar@42de.it (Alfredo Terrone) — Wed, 10 Dec 2025 11:05:09 +0000

The attacks attributed to noname057 primarily targeted websites in Belgium and Ukraine. Key sectors affected include government, energy, and telecommunications, with notable targets such as the Walloon Parliament, various utility companies, and technology firms. The attacks highlight a significant focus on critical infrastructure and public services in these countries.^{AI generated}
31 targets are under attack, 11 new targets and 20 targets from previous attack
New Targets(11): my.digicom.ua, stat.sunnet.ua, www.intelekt.net, maxnet.ua, stat.utels.ua, utels.ua, sunnet.ua, my.maxnet.ua, billing.intelekt.cv.ua, digicom.ua, www.tenet.ua
Targets from prev attack(20): www.katoennatie.com, www.parlement-wallonie.be, wallex.wallonie.be, www.skywin.be, www.elia.be, www.eliagroup.eu, www.abx.com, www.deme-group.com, planetsecuritygroup.com, www.sibelga.be, fnh.com, www.asco.be, www.monarchie.be, www.vivaqua.be, www.dieterengroup.com, www.tax-on-web.be, www.publicprocurement.be, www.cmb.be, www.provincedeliege.be, www.fluxys.com
Dismissed Targets(0):

Detected attack on 2025-12-10_07-20-08

codabar@42de.it (Alfredo Terrone) — Wed, 10 Dec 2025 07:20:08 +0000

Noname057(16) has targeted various websites primarily in Belgium. Notable sectors affected include utilities, public services, and government entities. Key organizations under attack include Deme Group, Elia, and various regional government sites, indicating a focus on critical infrastructure and public administration.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.deme-group.com, www.parlement-wallonie.be, wallex.wallonie.be, www.vivaqua.be, www.sibelga.be, www.elia.be, www.katoennatie.com, www.tax-on-web.be, www.eliagroup.eu, www.fluxys.com, www.skywin.be, www.provincedeliege.be, www.abx.com, www.dieterengroup.com, www.publicprocurement.be, www.monarchie.be, planetsecuritygroup.com, fnh.com, www.cmb.be, www.asco.be
Targets from prev attack(0):
Dismissed Targets(26): www.allroundforwarding.com, www.craneww.com, www.sioen.com, www.uz.gov.ua, progressio.be, www.sabca.be, pouvoirs-locaux.brussels, www.arp-gan.be, metro.kyiv.ua, cc.customs.gov.ua, marchespublics.wallonie.be, www.kuleuven.be, credendo.com, post.customs.gov.ua, www.wijngaardnatie.com, post2.customs.gov.ua, fnherstal.com, www.govex.be, www.oip.be, www.chrobinson.com, www.seafar.eu, www.gpcgov.be, customs.gov.ua, sw.customs.gov.ua, post1.customs.gov.ua, booking.uz.gov.ua

Detected attack on 2025-12-09_11-10-09

codabar@42de.it (Alfredo Terrone) — Tue, 09 Dec 2025 11:10:09 +0000

The attacks attributed to noname057 primarily targeted websites in Belgium and Ukraine. Notable Belgian sites include progressio.be, sioen.com, and sabca.be, while Ukrainian sites include customs.gov.ua, metro.kyiv.ua, and uz.gov.ua. The attacks reflect a focus on government, customs, and logistics sectors in these countries.^{AI generated}
26 targets are under attack, 9 new targets and 17 targets from previous attack
New Targets(9): booking.uz.gov.ua, post2.customs.gov.ua, customs.gov.ua, sw.customs.gov.ua, metro.kyiv.ua, post1.customs.gov.ua, cc.customs.gov.ua, post.customs.gov.ua, www.uz.gov.ua
Targets from prev attack(17): www.seafar.eu, www.sioen.com, www.gpcgov.be, www.craneww.com, www.govex.be, progressio.be, www.chrobinson.com, www.arp-gan.be, marchespublics.wallonie.be, www.kuleuven.be, pouvoirs-locaux.brussels, credendo.com, www.allroundforwarding.com, fnherstal.com, www.sabca.be, www.oip.be, www.wijngaardnatie.com
Dismissed Targets(0):

Detected attack on 2025-12-09_07-25-08

codabar@42de.it (Alfredo Terrone) — Tue, 09 Dec 2025 07:25:08 +0000

Noname057(16) has targeted several websites primarily located in Belgium. Key sectors affected include government, education, and various industries such as defense and logistics. The attacks have impacted organizations like universities, public authorities, and private companies, indicating a broad range of interests in the region.^{AI generated}
17 targets are under attack, 17 new targets and 0 targets from previous attack
New Targets(17): www.seafar.eu, www.arp-gan.be, www.oip.be, www.chrobinson.com, www.govex.be, www.sioen.com, www.craneww.com, www.allroundforwarding.com, marchespublics.wallonie.be, www.wijngaardnatie.com, progressio.be, www.kuleuven.be, www.sabca.be, credendo.com, fnherstal.com, pouvoirs-locaux.brussels, www.gpcgov.be
Targets from prev attack(0):
Dismissed Targets(30): authentication.antwerpen.be, www.brabantwallon.be, www.province.luxembourg.be, keramet.com.ua, www.limburg.be, www.teplo.od.ua, www.oost-vlaanderen.be, www.province.namur.be, www.hainaut.be, gouvernement.cfwb.be, www.autokraz.com.ua, www.antwerpen.be, www.provincedeliege.be, online.kyivcnap.gov.ua, www.federation-wallonie-bruxelles.be, www.krruda.dp.ua, www.dekamer.be, www.materials.kiev.ua, ma.provincedeliege.be, www.psa-antwerp.be, www.ferrexpo.ua, www.wallonie.be, www.vlaamsbrabant.be, cnap.gov.ua, www.icoterminals.com, www.provincieantwerpen.be, www.nova.be, cabinet.teplo.od.ua, temp3000.com, aet.be

Detected attack on 2025-12-08_11-05-09

codabar@42de.it (Alfredo Terrone) — Mon, 08 Dec 2025 11:05:09 +0000

The attacks attributed to noname057 primarily target websites in Ukraine and Belgium. Key countries under attack include Ukraine, with multiple sites such as online.kyivcnap.gov.ua and keramet.com.ua, and Belgium, featuring numerous regional government websites like wallonie.be and antwerpen.be. Other affected regions include provinces like Limburg and Namur, highlighting a concentrated effort against both governmental and industrial entities in these nations.^{AI generated}
30 targets are under attack, 10 new targets and 20 targets from previous attack
New Targets(10): online.kyivcnap.gov.ua, www.teplo.od.ua, www.ferrexpo.ua, www.materials.kiev.ua, www.krruda.dp.ua, www.autokraz.com.ua, cabinet.teplo.od.ua, temp3000.com, keramet.com.ua, cnap.gov.ua
Targets from prev attack(20): www.icoterminals.com, www.limburg.be, gouvernement.cfwb.be, www.province.luxembourg.be, www.hainaut.be, www.oost-vlaanderen.be, www.vlaamsbrabant.be, www.brabantwallon.be, www.province.namur.be, www.antwerpen.be, ma.provincedeliege.be, authentication.antwerpen.be, www.federation-wallonie-bruxelles.be, www.provincedeliege.be, www.dekamer.be, www.nova.be, www.provincieantwerpen.be, aet.be, www.wallonie.be, www.psa-antwerp.be
Dismissed Targets(0):

Detected attack on 2025-12-08_07-10-09

codabar@42de.it (Alfredo Terrone) — Mon, 08 Dec 2025 07:10:09 +0000

The attacks attributed to noname057 primarily targeted websites in Belgium, specifically affecting various regional and provincial government sites. Key areas under attack include Antwerp, Namur, Vlaams-Brabant, Liège, Hainaut, and Luxembourg, highlighting a focus on local governance and public services in the country.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): www.icoterminals.com, www.antwerpen.be, www.province.namur.be, www.vlaamsbrabant.be, www.provincedeliege.be, www.nova.be, www.limburg.be, www.federation-wallonie-bruxelles.be, www.hainaut.be, www.dekamer.be, ma.provincedeliege.be, www.wallonie.be, gouvernement.cfwb.be, authentication.antwerpen.be, www.brabantwallon.be, www.psa-antwerp.be, www.province.luxembourg.be, www.oost-vlaanderen.be, www.provincieantwerpen.be, aet.be
Targets from prev attack(0):
Dismissed Targets(23): www.meurthe-et-moselle.gouv.fr, www.hop.fr, www.saoneetloire.fr, auth.entreprises-collectivites.edf.fr, paiement-multicanal-api.ca.gouv.fr, www.visit-corsica.com, ambassadeurs.onlylyon.com, www.id-logistics.com, websso-gardian.myelectricnetwork.com, lidentitenumerique.laposte.fr, www.onlylyon.com, auth-ops.cotedor.fr, www.ville-saintesuzanne.re, thingsboard.labchatou.edf.fr, www.saint-benoit.re, www.amendes.gouv.fr, www.enpaysdelaloire.com, www.nouvelle-aquitaine-tourisme.com, tahiti-aeroports.com, www.polynesie-francaise.pref.gouv.fr, www.guadeloupe.gouv.fr, www.sortezchezvous.fr, www.essonne.gouv.fr

Detected attack on 2025-12-07_07-10-09

codabar@42de.it (Alfredo Terrone) — Sun, 07 Dec 2025 07:10:09 +0000

Noname057(16) has targeted various websites primarily in France, including government portals, tourism sites, and local services. Notable regions under attack include Île-de-France, Nouvelle-Aquitaine, and Guadeloupe. The attacks reflect a focus on both public services and regional tourism infrastructure.^{AI generated}
23 targets are under attack, 23 new targets and 0 targets from previous attack
New Targets(23): auth.entreprises-collectivites.edf.fr, ambassadeurs.onlylyon.com, www.meurthe-et-moselle.gouv.fr, www.onlylyon.com, auth-ops.cotedor.fr, thingsboard.labchatou.edf.fr, tahiti-aeroports.com, www.essonne.gouv.fr, www.nouvelle-aquitaine-tourisme.com, paiement-multicanal-api.ca.gouv.fr, lidentitenumerique.laposte.fr, www.amendes.gouv.fr, www.sortezchezvous.fr, www.saint-benoit.re, www.enpaysdelaloire.com, www.saoneetloire.fr, www.visit-corsica.com, www.id-logistics.com, www.hop.fr, www.guadeloupe.gouv.fr, www.ville-saintesuzanne.re, www.polynesie-francaise.pref.gouv.fr, websso-gardian.myelectricnetwork.com
Targets from prev attack(0):
Dismissed Targets(23): www.sarthe.gouv.fr, rec-websso-gardian.myelectricnetwork.com, www.ville-salazie.fr, www.axa.com, www.metro-rennes-metropole.fr, www.saone-et-loire.gouv.fr, www.loire-atlantique.fr, www.nouvelle-caledonie.gouv.fr, www.bouches-du-rhone.gouv.fr, projets-transports.nicecotedazur.org, www.province-iles.nc, saintlouis.re, www.haute-savoie.gouv.fr, tramway.angersloiremetropole.fr, www.moselle.gouv.fr, www.ville-dunkerque.fr, www.mont-dore.nc, www.province-nord.nc, www.ville-port.re, www.departement13.fr, www.angers.fr, www.seine-maritime.gouv.fr, www.province-sud.nc

Detected attack on 2025-12-06_07-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 06 Dec 2025 07:10:08 +0000

The attacks attributed to noname057 primarily target websites in France and New Caledonia. Key regions under attack include various French departments such as Moselle, Loire-Atlantique, Angers, Bouches-du-Rhône, Seine-Maritime, Sarthe, and Haute-Savoie, as well as municipal sites in cities like Dunkerque and Rennes. Additionally, several sites related to New Caledonia, including provincial government websites, have also been affected.^{AI generated}
23 targets are under attack, 23 new targets and 0 targets from previous attack
New Targets(23): saintlouis.re, www.moselle.gouv.fr, www.loire-atlantique.fr, www.angers.fr, www.bouches-du-rhone.gouv.fr, www.province-iles.nc, projets-transports.nicecotedazur.org, www.seine-maritime.gouv.fr, www.axa.com, www.sarthe.gouv.fr, www.saone-et-loire.gouv.fr, www.ville-port.re, www.metro-rennes-metropole.fr, www.ville-salazie.fr, tramway.angersloiremetropole.fr, www.ville-dunkerque.fr, www.nouvelle-caledonie.gouv.fr, www.departement13.fr, www.mont-dore.nc, www.haute-savoie.gouv.fr, www.province-sud.nc, rec-websso-gardian.myelectricnetwork.com, www.province-nord.nc
Targets from prev attack(0):
Dismissed Targets(30): www.lacroix-defense.com, www.knds.fr, www.altis.ua, www.dss-ua.com, dvmash.biz, www.chantiers-atlantique.com, www.bellross.com, www.pgmprecision.com, eurenco.com, www.niko.ua, lansys.com.ua, www.latecoere.aero, www.generixgroup.com, www.chapuis-armes.com, www.deltawilmar.com, musee-des-beaux-arts.nancy.fr, carto-maas.infotbm.com, amstor.com, gicat.com, www.adn-tourisme.fr, www.ca-assurances.com, www.paneuropeenne.com, www.securite-routiere.gouv.fr, www.azot.com.ua, www.esi-group.com, gtt.fr, phototheque.bellross.com, www.atout-france.fr, foxtrotgroup.com.ua, azocm.postavschiki.ua

Detected attack on 2025-12-05_17-10-09

codabar@42de.it (Alfredo Terrone) — Fri, 05 Dec 2025 17:10:09 +0000

The attacks attributed to noname057 primarily targeted websites from various countries, including France, Ukraine, and the United States. Key sectors affected include defense, tourism, and technology, with prominent organizations such as ESI Group, Atout France, and Lacroix Defense among the victims. The attacks highlight a broad range of industries, indicating a diverse threat landscape.^{AI generated}
30 targets are under attack, 0 new targets and 30 targets from previous attack
New Targets(0):
Targets from prev attack(30): www.esi-group.com, gicat.com, www.securite-routiere.gouv.fr, www.deltawilmar.com, www.atout-france.fr, lansys.com.ua, www.lacroix-defense.com, amstor.com, www.paneuropeenne.com, foxtrotgroup.com.ua, musee-des-beaux-arts.nancy.fr, www.bellross.com, carto-maas.infotbm.com, azocm.postavschiki.ua, www.chantiers-atlantique.com, eurenco.com, www.azot.com.ua, www.ca-assurances.com, www.latecoere.aero, dvmash.biz, www.chapuis-armes.com, www.pgmprecision.com, www.dss-ua.com, www.generixgroup.com, phototheque.bellross.com, www.niko.ua, www.adn-tourisme.fr, www.altis.ua, www.knds.fr, gtt.fr
Dismissed Targets(1): www.ville-saintesuzanne.re

Detected attack on 2025-12-05_11-05-08

codabar@42de.it (Alfredo Terrone) — Fri, 05 Dec 2025 11:05:08 +0000

The attacks attributed to noname057(16) primarily targeted websites in France, Ukraine, and other European countries. Key sectors affected include aviation, defense, tourism, and various industrial services. Notable targets include aerospace companies, art museums, and governmental organizations, indicating a diverse range of interests for the attackers.^{AI generated}
31 targets are under attack, 10 new targets and 21 targets from previous attack
New Targets(10): www.azot.com.ua, www.niko.ua, lansys.com.ua, www.altis.ua, dvmash.biz, foxtrotgroup.com.ua, www.dss-ua.com, azocm.postavschiki.ua, www.deltawilmar.com, amstor.com
Targets from prev attack(21): carto-maas.infotbm.com, www.latecoere.aero, www.chantiers-atlantique.com, www.chapuis-armes.com, musee-des-beaux-arts.nancy.fr, eurenco.com, phototheque.bellross.com, www.atout-france.fr, gtt.fr, www.knds.fr, www.paneuropeenne.com, www.adn-tourisme.fr, gicat.com, www.pgmprecision.com, www.ville-saintesuzanne.re, www.generixgroup.com, www.lacroix-defense.com, www.esi-group.com, www.bellross.com, www.ca-assurances.com, www.securite-routiere.gouv.fr
Dismissed Targets(0):

Detected attack on 2025-12-05_07-10-14

codabar@42de.it (Alfredo Terrone) — Fri, 05 Dec 2025 07:10:14 +0000

The attacks by noname057(16) primarily targeted websites in France, including various sectors such as tourism, aerospace, art, and defense. Notable sites affected include tourism-related platforms, aerospace companies, and government services, indicating a focus on critical infrastructure and national interests within the country.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.adn-tourisme.fr, www.knds.fr, www.latecoere.aero, www.chantiers-atlantique.com, musee-des-beaux-arts.nancy.fr, carto-maas.infotbm.com, eurenco.com, www.lacroix-defense.com, www.ville-saintesuzanne.re, www.generixgroup.com, www.pgmprecision.com, www.esi-group.com, www.atout-france.fr, www.securite-routiere.gouv.fr, gtt.fr, www.ca-assurances.com, www.paneuropeenne.com, www.chapuis-armes.com, www.bellross.com, phototheque.bellross.com, gicat.com
Targets from prev attack(0):
Dismissed Targets(27): chezara-telemetria.com, www.auvergnerhonealpes-tourisme.com, www.bordeaux-tourism.co.uk, www.enpaysdelaloire.com, www.nouvelle-aquitaine-tourisme.com, www.mairiedemtsangamouji.fr, sparing-vist.ua, deviro.ua, ville-cayenne.com, ukrjet.ua, www.dordogne-perigord-tourisme.fr, www.villedekoungou.fr, www.letampon.fr, tochprilad.com, www.tourisme-occitanie.com, www.saint-benoit.re, athlonavia.com, cotedazurfrance.fr, www.guadeloupe.gouv.fr, ville-basseterre.fr, www.visit-corsica.com, pamandzi.fr, www.onlylyon.com, ambassadeurs.onlylyon.com, www.sortezchezvous.fr, saint-andre.re, www.comstbarth.fr

Detected attack on 2025-12-04_14-30-10

codabar@42de.it (Alfredo Terrone) — Thu, 04 Dec 2025 14:30:10 +0000

The attacks by noname057(16) primarily targeted websites in France and its overseas territories, including Guadeloupe, Corsica, and various regions such as Auvergne-Rhône-Alpes and Nouvelle-Aquitaine. Other affected sites include tourism-related platforms and local government websites, indicating a focus on disrupting regional services and information access. Additionally, there were attacks on Ukrainian websites, highlighting a broader geographical impact beyond France.^{AI generated}
27 targets are under attack, 27 new targets and 0 targets from previous attack
New Targets(27): www.guadeloupe.gouv.fr, www.visit-corsica.com, cotedazurfrance.fr, www.auvergnerhonealpes-tourisme.com, www.dordogne-perigord-tourisme.fr, www.mairiedemtsangamouji.fr, tochprilad.com, ville-cayenne.com, www.onlylyon.com, www.sortezchezvous.fr, www.saint-benoit.re, pamandzi.fr, www.letampon.fr, sparing-vist.ua, www.tourisme-occitanie.com, ukrjet.ua, deviro.ua, www.villedekoungou.fr, saint-andre.re, ville-basseterre.fr, www.comstbarth.fr, www.nouvelle-aquitaine-tourisme.com, www.bordeaux-tourism.co.uk, athlonavia.com, www.enpaysdelaloire.com, ambassadeurs.onlylyon.com, chezara-telemetria.com
Targets from prev attack(0):
Dismissed Targets(30): www.rexel.com, x-city.ua, www.polynesie-francaise.pref.gouv.fr, auth-ops.cotedor.fr, lidentitenumerique.laposte.fr, tahiti-aeroports.com, www.amendes.gouv.fr, thingsboard.labchatou.edf.fr, tks.sumy.ua, paiement-multicanal-api.ca.gouv.fr, www.ovhcloud.com, www.id-logistics.com, websso-gardian.myelectricnetwork.com, order.eu.ovhcloud.com, home.l4.ua, sitv.com.ua, megaprostir.net, www.hop.fr, rec-websso-gardian.myelectricnetwork.com, www.framatome.com, auth.entreprises-collectivites.edf.fr, everest24.com.ua, triolan.com, www.meurthe-et-moselle.gouv.fr, l4.ua, www.ovh.com, www.getlinkgroup.com, www.shtorm.net, www.essonne.gouv.fr, mbt.sumy.ua

Detected attack on 2025-12-03_11-15-09

codabar@42de.it (Alfredo Terrone) — Wed, 03 Dec 2025 11:15:09 +0000

The attacks attributed to noname057(16) primarily targeted websites in Ukraine, France, and Canada. Key sites affected include x-city.ua and tks.sumy.ua from Ukraine, various French government and corporate sites like paiement-multicanal-api.ca.gouv.fr and rexel.com, as well as the Canadian site everest24.com.ua. These attacks indicate a focus on critical infrastructure and public services in these regions.^{AI generated}
30 targets are under attack, 10 new targets and 20 targets from previous attack
New Targets(10): everest24.com.ua, x-city.ua, home.l4.ua, mbt.sumy.ua, triolan.com, l4.ua, sitv.com.ua, tks.sumy.ua, megaprostir.net, www.shtorm.net
Targets from prev attack(20): thingsboard.labchatou.edf.fr, paiement-multicanal-api.ca.gouv.fr, www.amendes.gouv.fr, www.hop.fr, www.essonne.gouv.fr, www.getlinkgroup.com, www.polynesie-francaise.pref.gouv.fr, rec-websso-gardian.myelectricnetwork.com, www.framatome.com, order.eu.ovhcloud.com, tahiti-aeroports.com, auth.entreprises-collectivites.edf.fr, www.ovh.com, www.id-logistics.com, auth-ops.cotedor.fr, lidentitenumerique.laposte.fr, www.ovhcloud.com, www.meurthe-et-moselle.gouv.fr, www.rexel.com, websso-gardian.myelectricnetwork.com
Dismissed Targets(0):

Detected attack on 2025-12-03_07-15-08

codabar@42de.it (Alfredo Terrone) — Wed, 03 Dec 2025 07:15:08 +0000

Noname057(16) has targeted various websites across several countries, primarily focusing on France and Canada. The attacks include notable sites such as OVH, a major cloud service provider in France, and various government and logistics websites, indicating a significant interest in critical infrastructure and public services. Other affected entities include transportation and energy sectors, showcasing a broad range of targets within these nations.^{AI generated}
20 targets are under attack, 20 new targets and 0 targets from previous attack
New Targets(20): order.eu.ovhcloud.com, www.hop.fr, www.id-logistics.com, paiement-multicanal-api.ca.gouv.fr, www.getlinkgroup.com, www.ovh.com, lidentitenumerique.laposte.fr, www.meurthe-et-moselle.gouv.fr, www.framatome.com, www.amendes.gouv.fr, www.essonne.gouv.fr, thingsboard.labchatou.edf.fr, tahiti-aeroports.com, auth.entreprises-collectivites.edf.fr, auth-ops.cotedor.fr, websso-gardian.myelectricnetwork.com, www.polynesie-francaise.pref.gouv.fr, rec-websso-gardian.myelectricnetwork.com, www.ovhcloud.com, www.rexel.com
Targets from prev attack(0):
Dismissed Targets(28): www.saoneetloire.fr, www.mairie-saintpaul.re, www.orion.te.ua, villedemamoudzou.fr, www.paita.nc, lreri.tripod.com, www.materials.kiev.ua, www.saone-et-loire.gouv.fr, www.ville-salazie.fr, www.ville-port.re, merydian.kiev.ua, www.province-sud.nc, www.lyon.fr, www.eurelien.fr, www.ville-noumea.nc, www.saintpierre.re, www.ville-plainedespalmistes.fr, temp3000.com, www.autokraz.com.ua, www.haute-savoie.gouv.fr, www.mont-dore.nc, www.province-nord.nc, saintlouis.re, www.ain.fr, pribor.zp.ua, www.cotedor.fr, www.province-iles.nc, moncompte.departement13.fr

Detected attack on 2025-12-02_11-05-09

codabar@42de.it (Alfredo Terrone) — Tue, 02 Dec 2025 11:05:09 +0000

The attacks attributed to noname057(16) primarily target websites in France and various territories in the Pacific region, particularly New Caledonia and Réunion. Notable targets include government sites and local municipal websites, indicating a focus on regional infrastructure. Additionally, several Ukrainian sites were compromised, suggesting a broader interest in geopolitical tensions involving Ukraine. Overall, the attacks reflect a diverse range of targets across different countries, particularly in France and its overseas territories.^{AI generated}
28 targets are under attack, 7 new targets and 21 targets from previous attack
New Targets(7): www.autokraz.com.ua, www.orion.te.ua, merydian.kiev.ua, lreri.tripod.com, temp3000.com, pribor.zp.ua, www.materials.kiev.ua
Targets from prev attack(21): www.ville-port.re, www.province-iles.nc, www.mont-dore.nc, www.haute-savoie.gouv.fr, www.ville-salazie.fr, www.province-sud.nc, villedemamoudzou.fr, www.ville-plainedespalmistes.fr, www.lyon.fr, www.ain.fr, www.province-nord.nc, www.eurelien.fr, www.cotedor.fr, moncompte.departement13.fr, www.paita.nc, www.saone-et-loire.gouv.fr, www.mairie-saintpaul.re, www.ville-noumea.nc, saintlouis.re, www.saintpierre.re, www.saoneetloire.fr
Dismissed Targets(0):

Detected attack on 2025-12-02_07-10-10

codabar@42de.it (Alfredo Terrone) — Tue, 02 Dec 2025 07:10:10 +0000

The attacks attributed to noname057 primarily targeted websites in France and its overseas territories, including regions like Réunion, New Caledonia, and French Polynesia. Key cities affected include Saint-Paul, Lyon, Nouméa, and Salazie, among others. The attacks highlight a significant focus on local government and administrative sites across these areas.^{AI generated}
21 targets are under attack, 5 new targets and 16 targets from previous attack
New Targets(5): moncompte.departement13.fr, www.cotedor.fr, www.saoneetloire.fr, www.eurelien.fr, www.saone-et-loire.gouv.fr
Targets from prev attack(16): saintlouis.re, www.lyon.fr, www.ville-salazie.fr, www.paita.nc, www.saintpierre.re, www.ville-noumea.nc, www.province-sud.nc, www.province-iles.nc, villedemamoudzou.fr, www.haute-savoie.gouv.fr, www.ville-port.re, www.province-nord.nc, www.ville-plainedespalmistes.fr, www.ain.fr, www.mont-dore.nc, www.mairie-saintpaul.re
Dismissed Targets(0):

Detected attack on 2025-12-02_07-05-08

codabar@42de.it (Alfredo Terrone) — Tue, 02 Dec 2025 07:05:08 +0000

The attacks by noname057(16) primarily targeted websites in France and its overseas territories. Notable locations under attack include Saint Louis, Saint Paul, Lyon, and various municipalities in New Caledonia such as Nouméa and Paita. Additionally, regions like Haute-Savoie and Mayotte were also affected, indicating a focus on both metropolitan and overseas French entities.^{AI generated}
16 targets are under attack, 16 new targets and 0 targets from previous attack
New Targets(16): saintlouis.re, www.lyon.fr, www.ville-salazie.fr, www.paita.nc, www.saintpierre.re, www.ville-noumea.nc, www.province-sud.nc, www.province-iles.nc, villedemamoudzou.fr, www.haute-savoie.gouv.fr, www.ville-port.re, www.province-nord.nc, www.ville-plainedespalmistes.fr, www.ain.fr, www.mont-dore.nc, www.mairie-saintpaul.re
Targets from prev attack(0):
Dismissed Targets(33): www.bordeaux.fr, www.angers.fr, www.axa.com, www.moselle.gouv.fr, www.tam-voyages.com, tramway.angersloiremetropole.fr, www.metro-rennes-metropole.fr, agrarka.com, api.tam.cityway.fr, nadu.com.ua, www.kd-life.com.ua, aeroprakt.kiev.ua, www.tisseo.fr, www.bouches-du-rhone.gouv.fr, connexion.revuedesdeuxmondes.fr, www.ukravtoline.com.ua, agro-ukraine.com, www.kvorum.com.ua, www.departement13.fr, projets-transports.nicecotedazur.org, www.airtahiti.com, www.seine-maritime.gouv.fr, www.loire-atlantique.fr, vsenergy.com.ua, www.onac-vg.fr, www.nouvelle-caledonie.gouv.fr, www.ville-dunkerque.fr, www.sarthe.gouv.fr, kniazha.ua, vertol.com.ua, www.francesoir.fr, www.ulf.com.ua, tec.dp.ua

Detected attack on 2025-12-01_11-15-18

codabar@42de.it (Alfredo Terrone) — Mon, 01 Dec 2025 11:15:18 +0000

The attacks by noname057 primarily targeted websites in France and Ukraine. Key sectors affected include local government websites, public transportation, and various businesses. Notable French entities include regional government sites like www.loire-atlantique.fr and www.bouches-du-rhone.gouv.fr, while Ukrainian targets include sites like www.ukravtoline.com.ua and www.agro-ukraine.com. The attacks reflect a focus on critical infrastructure and public services in these countries.^{AI generated}
33 targets are under attack, 12 new targets and 21 targets from previous attack
New Targets(12): www.kd-life.com.ua, vertol.com.ua, agrarka.com, www.kvorum.com.ua, tec.dp.ua, kniazha.ua, agro-ukraine.com, www.ukravtoline.com.ua, vsenergy.com.ua, aeroprakt.kiev.ua, www.ulf.com.ua, nadu.com.ua
Targets from prev attack(21): www.departement13.fr, tramway.angersloiremetropole.fr, www.loire-atlantique.fr, www.tisseo.fr, www.nouvelle-caledonie.gouv.fr, www.bouches-du-rhone.gouv.fr, www.metro-rennes-metropole.fr, www.angers.fr, www.francesoir.fr, www.seine-maritime.gouv.fr, www.onac-vg.fr, www.moselle.gouv.fr, projets-transports.nicecotedazur.org, www.ville-dunkerque.fr, www.sarthe.gouv.fr, www.axa.com, www.airtahiti.com, www.bordeaux.fr, api.tam.cityway.fr, connexion.revuedesdeuxmondes.fr, www.tam-voyages.com
Dismissed Targets(0):

Detected attack on 2025-12-01_07-05-29

codabar@42de.it (Alfredo Terrone) — Mon, 01 Dec 2025 07:05:29 +0000

The attacks attributed to noname057(16) primarily targeted websites in France and New Caledonia. Key sectors affected include government services, transportation, and media, with notable sites such as various regional government portals, public transport services, and major corporations like AXA. The attacks highlight a focus on critical infrastructure and public services within these regions.^{AI generated}
21 targets are under attack, 21 new targets and 0 targets from previous attack
New Targets(21): www.bouches-du-rhone.gouv.fr, www.nouvelle-caledonie.gouv.fr, www.departement13.fr, www.axa.com, www.bordeaux.fr, www.francesoir.fr, www.metro-rennes-metropole.fr, www.airtahiti.com, tramway.angersloiremetropole.fr, connexion.revuedesdeuxmondes.fr, www.tisseo.fr, www.sarthe.gouv.fr, www.tam-voyages.com, www.moselle.gouv.fr, www.loire-atlantique.fr, www.seine-maritime.gouv.fr, api.tam.cityway.fr, www.ville-dunkerque.fr, www.angers.fr, www.onac-vg.fr, projets-transports.nicecotedazur.org
Targets from prev attack(0):
Dismissed Targets(26): www.parlamentodegalicia.es, www.teldat.com, www.palmasport.es, www.cacesa.es, licitaciones.canaldeisabelsegunda.es, www.toledo.es, ciberso.com, www.tecnove.com, www.apc.es, s2grupo.es, srm.canaldeisabelsegunda.es, oficinavirtual.canaldeisabelsegunda.es, eidas.izenpe.com, www.axians.es, sede.toledo.es, www.authusb.net, www.jtsec.es, www.bilbao.eus, www.advens.com, www.camaramadrid.es, www.innovasur.com, www.diputaciolleida.cat, www.metrobilbao.eus, www.canaldeisabelsegunda.es, santiagodecompostela.gal, mumken.es

Detected attack on 2025-11-30_07-10-08

codabar@42de.it (Alfredo Terrone) — Sun, 30 Nov 2025 07:10:08 +0000

The attacks attributed to noname057 primarily targeted Spain, with a focus on various governmental and organizational websites. Key sites affected include those related to regional governments, such as the Madrid and Galicia parliaments, as well as municipal sites from cities like Toledo and Bilbao. The attacks also impacted utility and service providers, highlighting a significant threat landscape within Spain's digital infrastructure.^{AI generated}
26 targets are under attack, 26 new targets and 0 targets from previous attack
New Targets(26): www.apc.es, oficinavirtual.canaldeisabelsegunda.es, www.camaramadrid.es, www.authusb.net, www.jtsec.es, www.teldat.com, srm.canaldeisabelsegunda.es, www.tecnove.com, www.innovasur.com, www.bilbao.eus, santiagodecompostela.gal, s2grupo.es, www.diputaciolleida.cat, www.cacesa.es, eidas.izenpe.com, mumken.es, sede.toledo.es, www.axians.es, www.parlamentodegalicia.es, www.advens.com, www.canaldeisabelsegunda.es, www.palmasport.es, licitaciones.canaldeisabelsegunda.es, www.metrobilbao.eus, www.toledo.es, ciberso.com
Targets from prev attack(0):
Dismissed Targets(23): www.coruna.gal, www.legebiltzarra.eus, energia.imdea.org, madrid.city-tour.com, sede.guardiacivil.gob.es, www.sedigas.es, id.coruna.gal, www.turismo.gal, socibusventas.es, www.tib.org, metromalaga.es, www.elcasco1920.com, www.transportepublico.es, www.metroligero-oeste.es, www.metrovalencia.es, www.puertos.es, www.emtmadrid.es, www.turgranada.es, www.crtm.es, www.tramalacant.es, www.parcan.es, www.cortsvalencianes.es, www.aecarretera.com

Detected attack on 2025-11-30_06-10-11

codabar@42de.it (Alfredo Terrone) — Sun, 30 Nov 2025 06:10:11 +0000

The attacks attributed to noname057(16) primarily target Spain, with a focus on various public transportation and government-related websites. Notable attacked sites include those from cities like Malaga, Valencia, and A Coruña, as well as regional transportation services and tourism-related platforms. The campaign highlights vulnerabilities in critical infrastructure and public services across the country.^{AI generated}
23 targets are under attack, 0 new targets and 23 targets from previous attack
New Targets(0):
Targets from prev attack(23): metromalaga.es, energia.imdea.org, www.metroligero-oeste.es, www.coruna.gal, www.transportepublico.es, socibusventas.es, www.turgranada.es, www.sedigas.es, www.tramalacant.es, www.puertos.es, sede.guardiacivil.gob.es, www.metrovalencia.es, www.cortsvalencianes.es, id.coruna.gal, www.tib.org, www.legebiltzarra.eus, www.parcan.es, www.emtmadrid.es, www.crtm.es, www.aecarretera.com, madrid.city-tour.com, www.turismo.gal, www.elcasco1920.com
Dismissed Targets(2): www.policia.es, metropolitanogranada.es

Detected attack on 2025-11-29_07-05-11

codabar@42de.it (Alfredo Terrone) — Sat, 29 Nov 2025 07:05:11 +0000

The attacks attributed to noname057 primarily targeted websites in Spain. Key sectors affected include public transportation, tourism, and government services, with notable targets being regional transport authorities and local government sites. Major cities under attack include Madrid, Granada, and Coruña, indicating a focus on critical infrastructure and public services across the country.^{AI generated}
25 targets are under attack, 25 new targets and 0 targets from previous attack
New Targets(25): www.tramalacant.es, www.legebiltzarra.eus, www.tib.org, socibusventas.es, metropolitanogranada.es, www.transportepublico.es, www.coruna.gal, metromalaga.es, www.turgranada.es, id.coruna.gal, www.puertos.es, sede.guardiacivil.gob.es, www.elcasco1920.com, www.cortsvalencianes.es, www.aecarretera.com, www.policia.es, www.metrovalencia.es, www.parcan.es, www.sedigas.es, madrid.city-tour.com, www.crtm.es, energia.imdea.org, www.emtmadrid.es, www.metroligero-oeste.es, www.turismo.gal
Targets from prev attack(0):
Dismissed Targets(20): o3.ua, rns.ccn-cert.cni.es, sso.ccn.es, sede.agenciatributaria.gob.es, www.valenciaport.com, ednon.com, best.net.ua, uar.net, suardiaz.com, www.bilbaoport.eus, www.mrw.es, my.homenet.ua, www.oneseq.es, www.lanet.ua, stat.uar.net, my.o3.ua, www.guardedbox.es, gls-group.com, homenet.ua, www.mrwburofax.es

Detected attack on 2025-11-29_06-10-08

codabar@42de.it (Alfredo Terrone) — Sat, 29 Nov 2025 06:10:08 +0000

The attacks attributed to noname057 primarily target websites in Spain and Ukraine. Notable Spanish sites include guardedbox.es, mrwburofax.es, bilbaoport.eus, and valenciaport.com. In Ukraine, targets include best.net.ua, homenet.ua, and o3.ua. The attacks also extend to various other domains, indicating a broad interest in disrupting services across these regions.^{AI generated}
20 targets are under attack, 0 new targets and 20 targets from previous attack
New Targets(0):
Targets from prev attack(20): www.guardedbox.es, ednon.com, www.mrwburofax.es, suardiaz.com, www.bilbaoport.eus, stat.uar.net, gls-group.com, best.net.ua, homenet.ua, sso.ccn.es, uar.net, www.valenciaport.com, www.mrw.es, www.lanet.ua, www.oneseq.es, my.o3.ua, rns.ccn-cert.cni.es, o3.ua, my.homenet.ua, sede.agenciatributaria.gob.es
Dismissed Targets(1): www.portdebarcelona.cat

Detected attack on 2025-11-28_15-00-24

codabar@42de.it (Alfredo Terrone) — Fri, 28 Nov 2025 15:00:24 +0000

Noname057(16) has targeted various websites across multiple countries. The principal countries under attack include Spain, with sites like guardedbox.es and agenciatributaria.gob.es, and Ukraine, featuring domains such as o3.ua and best.net.ua. Other affected regions include the Netherlands and various Spanish ports, highlighting a broad spectrum of targets in Europe.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): o3.ua, ednon.com, my.homenet.ua, homenet.ua, suardiaz.com, www.guardedbox.es, stat.uar.net, best.net.ua, sede.agenciatributaria.gob.es, rns.ccn-cert.cni.es, uar.net, sso.ccn.es, www.mrwburofax.es, www.valenciaport.com, www.bilbaoport.eus, www.mrw.es, www.portdebarcelona.cat, www.oneseq.es, gls-group.com, my.o3.ua, www.lanet.ua
Dismissed Targets(8): srm.canaldeisabelsegunda.es, oficinavirtual.canaldeisabelsegunda.es, licitaciones.canaldeisabelsegunda.es, www.apc.es, www.canaldeisabelsegunda.es, www.palmasport.es, www.cacesa.es, s2grupo.es

Detected attack on 2025-11-28_11-58-00

codabar@42de.it (Alfredo Terrone) — Fri, 28 Nov 2025 11:58:00 +0000

The attacks attributed to noname057 primarily target websites in Spain and Ukraine. Key sectors affected include government services, transportation, and utilities, with notable sites such as the Spanish tax agency, regional ports, and various local service providers. The attackers have shown a particular focus on critical infrastructure and public services in these countries.^{AI generated}
29 targets are under attack, 29 new targets and 0 targets from previous attack
New Targets(29): www.mrw.es, sede.agenciatributaria.gob.es, homenet.ua, rns.ccn-cert.cni.es, o3.ua, www.canaldeisabelsegunda.es, stat.uar.net, www.bilbaoport.eus, suardiaz.com, www.cacesa.es, uar.net, www.palmasport.es, srm.canaldeisabelsegunda.es, my.homenet.ua, www.lanet.ua, my.o3.ua, www.valenciaport.com, licitaciones.canaldeisabelsegunda.es, www.oneseq.es, ednon.com, www.mrwburofax.es, www.apc.es, sso.ccn.es, best.net.ua, s2grupo.es, www.portdebarcelona.cat, www.guardedbox.es, gls-group.com, oficinavirtual.canaldeisabelsegunda.es
Targets from prev attack(0):
Dismissed Targets(27): www.vmr.gov.ua, www.teldat.com, web.murcia.es, www.ciescc.es, sede.toledo.es, www.toledo.es, adm.dp.gov.ua, ciberso.com, mariupolrada.gov.ua, santiagodecompostela.gal, epicom.es, smr.gov.ua, mumken.es, www.autek.es, loga.gov.ua, www.jtsec.es, www.innovasur.com, www.authusb.net, www.bilbao.eus, zp.gov.ua, www.diputaciolleida.cat, rada-poltava.gov.ua, www.metrobilbao.eus, www.rada-poltava.gov.ua, www.camaramadrid.es, www.axians.es, www.advens.com

Detected attack on 2025-11-27_13-05-11

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 13:05:11 +0000

The attacks attributed to noname057 primarily targeted Spain and Ukraine. In Spain, various regional and municipal websites, including those of local governments and businesses, were compromised. Key targets included sites like jtsec.es, epicom.es, and metrobilbao.eus. In Ukraine, several government and municipal websites such as rada-poltava.gov.ua and smr.gov.ua were affected, indicating a focus on critical infrastructure and public services in both countries.^{AI generated}
27 targets are under attack, 2 new targets and 25 targets from previous attack
New Targets(2): smr.gov.ua, mariupolrada.gov.ua
Targets from prev attack(25): www.jtsec.es, epicom.es, www.diputaciolleida.cat, www.metrobilbao.eus, mumken.es, sede.toledo.es, www.teldat.com, rada-poltava.gov.ua, web.murcia.es, www.autek.es, loga.gov.ua, www.ciescc.es, www.authusb.net, adm.dp.gov.ua, www.axians.es, www.rada-poltava.gov.ua, santiagodecompostela.gal, www.camaramadrid.es, www.innovasur.com, www.advens.com, www.bilbao.eus, ciberso.com, www.vmr.gov.ua, zp.gov.ua, www.toledo.es
Dismissed Targets(0):

Detected attack on 2025-11-27_12-30-12

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 12:30:12 +0000

Noname057(16) has targeted various websites primarily in Ukraine and Spain. The main countries under attack include Ukraine, with multiple government and regional sites such as zp.gov.ua, adm.dp.gov.ua, and rada-poltava.gov.ua. Spain is also significantly affected, with attacks on sites like www.metrobilbao.eus, www.bilbao.eus, and various regional government and service websites, including www.camaramadrid.es and www.toledo.es.^{AI generated}
25 targets are under attack, 6 new targets and 19 targets from previous attack
New Targets(6): zp.gov.ua, www.vmr.gov.ua, loga.gov.ua, rada-poltava.gov.ua, www.rada-poltava.gov.ua, adm.dp.gov.ua
Targets from prev attack(19): www.metrobilbao.eus, www.autek.es, www.bilbao.eus, epicom.es, www.teldat.com, www.toledo.es, www.axians.es, ciberso.com, www.advens.com, www.diputaciolleida.cat, www.innovasur.com, www.jtsec.es, sede.toledo.es, web.murcia.es, www.camaramadrid.es, santiagodecompostela.gal, www.ciescc.es, mumken.es, www.authusb.net
Dismissed Targets(0):

Detected attack on 2025-11-27_07-30-09

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 07:30:09 +0000

The attacks by noname057(16) primarily targeted websites in Spain, including various regional government sites and local organizations. Key cities under attack include Toledo, Bilbao, and Santiago de Compostela, showcasing a focus on both municipal and business-related entities across the country.^{AI generated}
19 targets are under attack, 3 new targets and 16 targets from previous attack
New Targets(3): www.diputaciolleida.cat, web.murcia.es, santiagodecompostela.gal
Targets from prev attack(16): www.advens.com, www.autek.es, www.toledo.es, epicom.es, www.innovasur.com, www.axians.es, www.metrobilbao.eus, ciberso.com, www.camaramadrid.es, sede.toledo.es, www.authusb.net, mumken.es, www.ciescc.es, www.bilbao.eus, www.jtsec.es, www.teldat.com
Dismissed Targets(0):

Detected attack on 2025-11-27_07-25-10

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 07:25:10 +0000

Noname057(16) has targeted various websites primarily in Spain, including sectors such as technology, local government, and business services. Key attacked sites include advens.com, autek.es, toledo.es, and camaramadrid.es, indicating a focus on Spanish organizations and institutions.^{AI generated}
16 targets are under attack, 2 new targets and 14 targets from previous attack
New Targets(2): www.bilbao.eus, www.metrobilbao.eus
Targets from prev attack(14): www.advens.com, www.autek.es, www.toledo.es, epicom.es, www.innovasur.com, www.axians.es, ciberso.com, www.camaramadrid.es, sede.toledo.es, mumken.es, www.authusb.net, www.ciescc.es, www.jtsec.es, www.teldat.com
Dismissed Targets(0):

Detected attack on 2025-11-27_07-20-11

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 07:20:11 +0000

Noname057(16) has targeted various websites primarily in Spain. The attacked sites include government entities, cybersecurity firms, and technology companies, indicating a focus on critical infrastructure and private sectors within the country.^{AI generated}
14 targets are under attack, 2 new targets and 12 targets from previous attack
New Targets(2): sede.toledo.es, www.autek.es
Targets from prev attack(12): www.camaramadrid.es, www.ciescc.es, www.advens.com, ciberso.com, www.authusb.net, www.teldat.com, mumken.es, www.axians.es, www.innovasur.com, www.jtsec.es, epicom.es, www.toledo.es
Dismissed Targets(0):

Detected attack on 2025-11-27_07-15-09

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 07:15:09 +0000

Noname057(16) has targeted various websites primarily from Spain, including government, technology, and cybersecurity sectors. The main affected sites are from organizations like the Madrid Chamber of Commerce, cybersecurity companies, and telecommunications firms, indicating a focus on critical infrastructure and digital services within the country.^{AI generated}
12 targets are under attack, 12 new targets and 0 targets from previous attack
New Targets(12): www.camaramadrid.es, www.ciescc.es, www.advens.com, ciberso.com, www.authusb.net, www.teldat.com, mumken.es, www.axians.es, www.innovasur.com, www.jtsec.es, epicom.es, www.toledo.es
Targets from prev attack(0):
Dismissed Targets(33): sohonet.ua, skm.com.ua, eidas.izenpe.com, practika.ua, www.parlamentodeandalucia.es, revistasic.es, online.sumy.ua, www.sedigas.es, www.parlamentodegalicia.es, www.granada.org, z.skm.com.ua, www.turgranada.es, www.xunta.gal, billing.online.sumy.ua, parlamentodenavarra.es, eme-es.com, zbx.skm.com.ua, www.ccn-cert.cni.es, www.tribunalconstitucional.es, www.asambleamurcia.es, cacti.skm.com.ua, bill.skm.com.ua, siliconbirds.com, www.tecnove.com, mobile.online.sumy.ua, jornadas.ccn-cert.cni.es, firmaelectronica.gob.es, www.carm.es, www.legebiltzarra.eus, www.arbitramadrid.com, www.gva.es, trc.es, adminer.online.sumy.ua

Detected attack on 2025-11-27_06-05-08

codabar@42de.it (Alfredo Terrone) — Thu, 27 Nov 2025 06:05:08 +0000

The attacks attributed to noname057 primarily targeted websites in Spain and Ukraine. Key sectors affected include government, education, and technology, with notable sites such as the Spanish National Cybersecurity Institute, various regional parliaments, and local government portals. Additionally, Ukrainian entities were also targeted, indicating a focus on both countries in the cyber operations.^{AI generated}
33 targets are under attack, 0 new targets and 33 targets from previous attack
New Targets(0):
Targets from prev attack(33): www.legebiltzarra.eus, www.ccn-cert.cni.es, z.skm.com.ua, skm.com.ua, eme-es.com, revistasic.es, eidas.izenpe.com, mobile.online.sumy.ua, bill.skm.com.ua, www.xunta.gal, cacti.skm.com.ua, siliconbirds.com, www.arbitramadrid.com, firmaelectronica.gob.es, www.turgranada.es, parlamentodenavarra.es, www.sedigas.es, www.tecnove.com, www.tribunalconstitucional.es, www.gva.es, adminer.online.sumy.ua, www.asambleamurcia.es, sohonet.ua, zbx.skm.com.ua, billing.online.sumy.ua, www.parlamentodeandalucia.es, trc.es, www.carm.es, jornadas.ccn-cert.cni.es, www.granada.org, www.parlamentodegalicia.es, practika.ua, online.sumy.ua
Dismissed Targets(2): metropolitanogranada.es, www.jgpa.es

Detected attack on 2025-11-26_11-10-08

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 11:10:08 +0000

The attacks by noname057(16) primarily targeted websites in Ukraine and Spain. Key sectors affected include government, legal, and educational institutions. Notable domains include various regional parliaments in Spain, such as the Parliament of Galicia and the Parliament of Navarra, as well as several Ukrainian sites related to local administration and services.^{AI generated}
35 targets are under attack, 11 new targets and 24 targets from previous attack
New Targets(11): mobile.online.sumy.ua, bill.skm.com.ua, online.sumy.ua, cacti.skm.com.ua, billing.online.sumy.ua, adminer.online.sumy.ua, sohonet.ua, zbx.skm.com.ua, practika.ua, z.skm.com.ua, skm.com.ua
Targets from prev attack(24): www.tecnove.com, eidas.izenpe.com, revistasic.es, www.tribunalconstitucional.es, www.sedigas.es, eme-es.com, www.parlamentodeandalucia.es, www.jgpa.es, www.legebiltzarra.eus, www.parlamentodegalicia.es, www.granada.org, www.ccn-cert.cni.es, firmaelectronica.gob.es, www.asambleamurcia.es, trc.es, www.turgranada.es, www.gva.es, parlamentodenavarra.es, metropolitanogranada.es, www.arbitramadrid.com, siliconbirds.com, jornadas.ccn-cert.cni.es, www.xunta.gal, www.carm.es
Dismissed Targets(0):

Detected attack on 2025-11-26_09-40-10

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 09:40:10 +0000

The attacks attributed to noname057 primarily targeted websites in Spain. Key sectors affected include government institutions, regional authorities, and various organizations. Notable sites include the Constitutional Court, regional governments such as the Xunta de Galicia and the Andalusian Parliament, as well as local municipalities like Granada. The campaign highlights a focus on Spanish public administration and services, indicating a concentrated effort against the country's digital infrastructure.^{AI generated}
24 targets are under attack, 1 new targets and 23 targets from previous attack
New Targets(1): trc.es
Targets from prev attack(23): www.legebiltzarra.eus, www.tribunalconstitucional.es, www.carm.es, jornadas.ccn-cert.cni.es, www.ccn-cert.cni.es, revistasic.es, www.xunta.gal, www.granada.org, www.sedigas.es, www.tecnove.com, eidas.izenpe.com, siliconbirds.com, www.jgpa.es, www.turgranada.es, firmaelectronica.gob.es, www.arbitramadrid.com, www.gva.es, www.parlamentodegalicia.es, parlamentodenavarra.es, metropolitanogranada.es, www.parlamentodeandalucia.es, www.asambleamurcia.es, eme-es.com
Dismissed Targets(0):

Detected attack on 2025-11-26_09-15-08

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 09:15:08 +0000

The attacks attributed to noname057 primarily target Spain, with a focus on various governmental and regional websites. Key attacked sites include those of the Spanish government, regional parliaments, and local municipalities, indicating a concentrated effort against Spanish digital infrastructure. Notable regions affected include Andalusia, Galicia, and Navarra, highlighting the widespread nature of the attacks across the country.^{AI generated}
23 targets are under attack, 1 new targets and 22 targets from previous attack
New Targets(1): siliconbirds.com
Targets from prev attack(22): www.carm.es, www.gva.es, jornadas.ccn-cert.cni.es, www.granada.org, www.parlamentodeandalucia.es, revistasic.es, www.ccn-cert.cni.es, www.jgpa.es, www.xunta.gal, www.tribunalconstitucional.es, firmaelectronica.gob.es, www.asambleamurcia.es, www.parlamentodegalicia.es, www.turgranada.es, parlamentodenavarra.es, www.tecnove.com, eme-es.com, eidas.izenpe.com, www.legebiltzarra.eus, www.arbitramadrid.com, www.sedigas.es, metropolitanogranada.es
Dismissed Targets(0):

Detected attack on 2025-11-26_08-25-08

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 08:25:08 +0000

The attacks attributed to noname057 primarily targeted Spain, with notable sites including government institutions and regional parliaments such as the Constitutional Court, the Parliament of Andalusia, and the Parliament of Galicia. Additionally, various local government websites and electronic signature services were also affected, highlighting a focus on critical infrastructure and public services within the country.^{AI generated}
22 targets are under attack, 0 new targets and 22 targets from previous attack
New Targets(0):
Targets from prev attack(22): www.sedigas.es, www.tribunalconstitucional.es, metropolitanogranada.es, www.parlamentodeandalucia.es, www.gva.es, www.turgranada.es, www.tecnove.com, www.asambleamurcia.es, www.ccn-cert.cni.es, firmaelectronica.gob.es, www.carm.es, www.jgpa.es, www.parlamentodegalicia.es, eme-es.com, www.granada.org, www.xunta.gal, www.arbitramadrid.com, revistasic.es, www.legebiltzarra.eus, parlamentodenavarra.es, eidas.izenpe.com, jornadas.ccn-cert.cni.es
Dismissed Targets(0):

Detected attack on 2025-11-26_07-15-09

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 07:15:09 +0000

The attacks attributed to noname057 primarily target Spain, with various government and regional websites being affected. Key sites include the Galician government, the Murcia Assembly, and the Constitutional Court of Spain. Additionally, the attacks extend to local institutions and organizations, indicating a focus on disrupting public services and governmental operations within the country.^{AI generated}
22 targets are under attack, 1 new targets and 21 targets from previous attack
New Targets(1): revistasic.es
Targets from prev attack(21): www.xunta.gal, www.asambleamurcia.es, firmaelectronica.gob.es, www.ccn-cert.cni.es, www.tribunalconstitucional.es, www.parlamentodeandalucia.es, www.tecnove.com, eidas.izenpe.com, parlamentodenavarra.es, www.legebiltzarra.eus, www.gva.es, eme-es.com, jornadas.ccn-cert.cni.es, www.arbitramadrid.com, www.turgranada.es, metropolitanogranada.es, www.sedigas.es, www.parlamentodegalicia.es, www.granada.org, www.carm.es, www.jgpa.es
Dismissed Targets(0):

Detected attack on 2025-11-26_07-10-11

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 07:10:11 +0000

The sites targeted by noname057 include various government and regional institutions primarily from Spain. Key countries under attack are Spain, with notable domains from regions like Andalusia, Galicia, and Murcia. The attacks focus on official websites related to public services, electronic signatures, and regional parliaments.^{AI generated}
21 targets are under attack, 0 new targets and 21 targets from previous attack
New Targets(0):
Targets from prev attack(21): jornadas.ccn-cert.cni.es, www.turgranada.es, www.carm.es, www.legebiltzarra.eus, www.tecnove.com, www.ccn-cert.cni.es, eidas.izenpe.com, www.sedigas.es, www.xunta.gal, www.parlamentodegalicia.es, www.arbitramadrid.com, metropolitanogranada.es, firmaelectronica.gob.es, www.gva.es, eme-es.com, www.parlamentodeandalucia.es, www.asambleamurcia.es, www.tribunalconstitucional.es, parlamentodenavarra.es, www.granada.org, www.jgpa.es
Dismissed Targets(24): www.parcan.es, energia.imdea.org, www.transportepublico.es, www.turismo.gal, www.incibe.es, www.ism.kiev.ua, administracionelectronica.gob.es, merydian.kiev.ua, www.autokraz.com.ua, www.spain.info, www.coruna.gal, pribor.zp.ua, id.coruna.gal, temp3000.com, www.orion.te.ua, www.hellocanaryislands.com, www.elcasco1920.com, www.esmadrid.com, www.ineco.com, www.aecarretera.com, mpt.gob.es, www.materials.kiev.ua, www.cortsvalencianes.es, lreri.tripod.com

Detected attack on 2025-11-26_07-05-10

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 07:05:10 +0000

The attacks attributed to noname057 primarily target websites in Spain and Ukraine. Key sectors affected include government, tourism, energy, and transportation. Notable Spanish sites include parcan.es, jornadas.ccn-cert.cni.es, and spain.info, while Ukrainian targets feature ism.kiev.ua and autokraz.com.ua. The attacks highlight vulnerabilities in both countries' digital infrastructures.^{AI generated}
45 targets are under attack, 21 new targets and 24 targets from previous attack
New Targets(21): jornadas.ccn-cert.cni.es, www.turgranada.es, www.carm.es, www.legebiltzarra.eus, www.tecnove.com, www.ccn-cert.cni.es, eidas.izenpe.com, www.sedigas.es, www.xunta.gal, www.parlamentodegalicia.es, www.arbitramadrid.com, metropolitanogranada.es, firmaelectronica.gob.es, www.gva.es, eme-es.com, www.parlamentodeandalucia.es, www.asambleamurcia.es, www.tribunalconstitucional.es, parlamentodenavarra.es, www.granada.org, www.jgpa.es
Targets from prev attack(24): www.parcan.es, energia.imdea.org, www.transportepublico.es, www.turismo.gal, www.incibe.es, www.ism.kiev.ua, administracionelectronica.gob.es, merydian.kiev.ua, www.autokraz.com.ua, www.spain.info, www.coruna.gal, pribor.zp.ua, temp3000.com, id.coruna.gal, www.orion.te.ua, www.elcasco1920.com, www.hellocanaryislands.com, www.esmadrid.com, www.ineco.com, www.aecarretera.com, mpt.gob.es, www.materials.kiev.ua, www.cortsvalencianes.es, lreri.tripod.com
Dismissed Targets(1): www.puertos.es

Detected attack on 2025-11-26_06-10-08

codabar@42de.it (Alfredo Terrone) — Wed, 26 Nov 2025 06:10:08 +0000

The attacks attributed to noname057(16) primarily targeted websites from Spain and Ukraine. Key sectors affected include government services, tourism, and transportation, with notable sites like administracionelectronica.gob.es and www.transportepublico.es from Spain, as well as various educational and administrative sites from Ukraine, such as www.ism.kiev.ua and materials.kiev.ua.^{AI generated}
25 targets are under attack, 0 new targets and 25 targets from previous attack
New Targets(0):
Targets from prev attack(25): www.aecarretera.com, pribor.zp.ua, energia.imdea.org, www.cortsvalencianes.es, administracionelectronica.gob.es, www.ineco.com, www.ism.kiev.ua, www.orion.te.ua, www.hellocanaryislands.com, mpt.gob.es, www.parcan.es, www.puertos.es, www.esmadrid.com, merydian.kiev.ua, www.elcasco1920.com, www.turismo.gal, lreri.tripod.com, www.coruna.gal, id.coruna.gal, www.incibe.es, www.materials.kiev.ua, www.spain.info, www.autokraz.com.ua, www.transportepublico.es, temp3000.com
Dismissed Targets(2): www.cofides.es, administracion.gob.es