Pro-Russian hacker group more active than ever after Europol takedown

In mid-July, Europol announced that it, together with the police in 12 countries, including the Netherlands, had dismantled and taken down the pro-Russian cybercrime network NoName057(16). But the operation seems to have had little effect. Within a week, the hacker collective was active again, and they are now committing more attacks than ever, Pointer reports based on an analysis of messages from NoName057(16) in collaboration with the Belgian broadcaster VRT NWS.

The Europol operation took the hackers offline for seven days. When they came back online, the average number of website attacks rose from 39 per day in 2025 before the Europol takedown to 63 per day in the subsequent 15 days.

In total, the group attacked 448 different websites between July 23 and August 6 this year, according to Pointer. Targets included political parties, local governments, transport companies, and police in Germany, Denmark, Belgium, Lithuania, France, and Italy.

NoName has also formed new alliances with other pro-Russian hacktivist teams. “It’s time for retaliation,” the hacker group wrote on Telegram. And on X: “Europol’s operation had no effect on us. Our attacks continue! The enemy is being defeated!”

A Europol spokesperson told Pointer that the police operation was never aimed at completely dismantling the pro-Russian group, but disrupting their attack structure and making it more difficult for them to operate.

Hactivist groups like NoName057(16) are difficult to dismantle because they consist of many ideologically motivated individuals, the Europol spokesperson said. “One of the goals of the operation was to send a clear message to the smaller players within the group: they are not anonymous, their actions have consequences, and they are under the watchful eye of law enforcement.”