These groups have also demonstrated capabilities in targeting operational technology environments, successfully manipulating water treatment facility control systems and forcing critical infrastructure to manual operation modes, highlighting the serious implications of their expanding technical proficiency. This operation involved seven distinct hacktivist groups, including Dark Storm Team, ServerKillers, NoName057(16), and Z-PENTEST ALLIANCE, targeting Lithuanian financial institutions and government infrastructure following the country’s calls for increased sanctions against Russia. The cybersecurity landscape has witnessed a dramatic escalation in pro-Russian hacktivist activities since the onset of 2025, with emerging alliances between established and newly formed groups launching increasingly sophisticated attacks against Western infrastructure. These cyber operations, driven by geopolitical tensions surrounding the Russia-Ukraine conflict, have evolved from simple website defacements to coordinated campaigns targeting critical infrastructure across Europe and North America. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. These organizations have quickly established themselves as formidable threats, conducting distributed denial-of-service attacks, exploiting SQL injection vulnerabilities, and targeting industrial control systems with unprecedented coordination. Intel 471 analysts identified a concerning trend in the formation of strategic alliances between these groups, particularly evident in the coordinated #OpLithuania campaign launched in May 2025. New groups have emerged to fill this vacuum, including IT Army of Russia, which surfaced in March 2025, and TwoNet, which began operations in January 2025. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The technical sophistication of these attacks has reached alarming levels, with groups deploying advanced tools and methodologies previously associated with state-sponsored actors. Recent attacks have achieved unprecedented scale, with Cloudflare recording a 7.3 terabits per second DDoS attack in May 2025, consisting primarily of UDP packets. The current leader in this space, NoName057(16), operates the DDoSia project, a sophisticated crowdsourced attack platform developed in the Go programming language. The DDoSia project exemplifies this advancement, functioning as a distributed attack platform where volunteers download and execute builds in their local environments.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Jul 2025 11:40:23 +0000