On May 4, 2025, several official Romanian websites, including those of the Ministry of Interior and Ministry of Justice, were hit by a cyberattack. Users attempting to access the sites were met with various errors. The pro-Russian hacking group NoName057, also known as DDOSIA, claimed responsibility for the attack. The group, which has been involved in previous cyberattacks in Europe, targeted institutions and candidates in Romania.
The cyberattack was confirmed by Romanian authorities, with the National Directorate for Cyber Security (DNSC) announcing that the targeted websites had been restored. The DNSC confirmed that as of 2:00 PM on May 4, 2025, all affected sites were back online. The attack, classified as a Distributed Denial of Service (DDoS), sent overwhelming traffic to the sites, rendering them inaccessible.
The hacker group, NoName057, declared its role in the attack through Telegram posts.
NoName057 has been involved in various cyberattacks across the globe, primarily targeting government sites, media outlets, and private organizations. The group’s activities have been linked to pro-Russian objectives, as they aim to disrupt communications and promote a pro-Kremlin narrative. While lacking an official structure, NoName057 functions as a network of digital activists using Telegram and GitHub to coordinate and publicize its activities.
The group’s attack tool, DDOSIA, is designed to overload servers and shut down websites through DDoS attacks.
Since its emergence in March 2022, NoName057 has targeted numerous institutions in countries like Ukraine and the United States. Its initial focus was to block access to Ukrainian publications, in line with the ongoing Russian conflict. The group uses Telegram to boast about its attacks and spread its propaganda, positioning itself as a significant actor in the digital space. Despite the attacks’ severity, Romanian authorities have restored the compromised websites and strengthened their cybersecurity measures.
Reference:
