Russian sympathizers have taken down Stuttgart's online platform.
In a series of disruptive cyberattacks, the pro-Russian hacking group NoName057(16) has targeted various German cities and government websites, as well as high-profile events like the Munich Security Conference.
Last week, the website of the Stuttgart city administration was taken down in a DDoS (Distributed Denial of Service) attack. The city administration had to take its site offline due to the cyberattack, but the cause of the outage was a DDoS attack, according to the city. The group has claimed responsibility for the attack, as reported by police.
Similarly, the Berlin city portal was inaccessible for several days due to a DDoS attack, and the portal of the Saxon state capital Dresden was also affected by a DDoS attack. The city of Ellwangen also reported a cyberattack on April 24, but it is unclear if it was a DDoS attack.
No data leakage from the state has been reported according to the Cybersecurity Agency. However, no further details about the impact of the cyberattacks or the current status of the affected websites have been provided.
NoName057(16) operates a sophisticated multi-tier command-and-control network to manage DDoS attacks. They use a Go-based DDoS client called "DDoSia," which recruits volunteers via Telegram, enabling even low-skilled participants to contribute to attacks using encrypted target lists.
The group has repeatedly targeted German entities, with their cyber waves paralyzing various German company and government websites, including those of police authorities, the Federal Ministry for Digital and State Modernization, the Federal President, and various city websites.
In July 2025, international coordinated actions named Operation Eastwood, led by Europol and Eurojust with participation from Germany and other nations, dismantled over 100 servers and disrupted much of NoName057(16)’s infrastructure. Several arrests and arrest warrants were issued, including six in Germany targeting Russian nationals identified as key operatives and ringleaders.
Despite these law enforcement efforts, NoName057(16) publicly dismissed the crackdown on their Telegram propaganda channel and called for retaliation, claiming they disabled multiple German government websites shortly after the operation.
The group's motives align with Kremlin interests, as they have also targeted NATO allies such as Sweden, Switzerland, and events like NATO summits. Their operational schedules align with Russian business hours, indicating probable Russia-based coordination.
In conclusion, NoName057(16) is a persistent pro-Russian hacktivist group orchestrating politically motivated DDoS attacks against German cities, state websites, and high-profile events. While law enforcement operations have disrupted their infrastructure and led to arrests, the group remains active and vocal in cyber retaliation calls.
References: [1] dpa/lsw and sta [2] Previously, the SWR had reported on this [3] No further details provided.
Read also:
- Industries Under Jeopardy Due to Multi-Accounting: Prevention Strategies Revealed in 2024
- Web3 Esports undergoes transformation as Aylab and CreataChain collaborate for a radical change
- Latest Tech Highlights: Top Gadgets of March 2025
- Agencies within the United States and international partners release recommendations on conducting inventories for operational technology assets
