The pro-Russian hacktivist group NoName057 has recently reactivated a series of attacks aimed at Spanish public entities. Their return occurs after the international operation 'Eastwood', coordinated by Europol and Eurojust, which in mid-July 2025 dismantled part of their infrastructure and caused multiple arrests in Europe, including several in Spain.
The Threat Intelligence division of the manufacturer Check Point has detected a new wave of offensives targeting municipalities, transport agencies, and other public entities. These actions reflect their intention to demonstrate that they still maintain operational capability, supported by allied collectives such as Z-pentest or Mr.Hamza.
Although many of the attacks were of short duration, en casos donde las defensas eran débiles consiguieron dejar sistemas inoperativos por horas. Lo llamativo es que el grupo anuncia previamente cada ataque en sus foros, with 24 horas de antelación, y luego difunde “pruebas” en sus canales de propaganda digital. Paralelamente, evoluciona de DDoS simples hacia intrusiones y exfiltración de datos, elevando el nivel de amenaza.
Expertos de Check Point advierten sobre la persistencia de NoName057 y recomiendan mantener una vigilancia constante. Las organizaciones deben reforzar su ciberseguridad con estrategias multinivel que incluyan protección avanzada frente a DDoS, sistemas de detección de intrusiones (IDS) y formación continua del personal para mitigar posibles impactos.
Fountain: Cybersecurity News