Financial incentives leveraged by pro-Russian DDoS attack project

BleepingComputer reports that volunteer threat actors conducting distributed denial-of-service attacks against Western organizations are being paid by pro-Russian group NoName057(16) as part of its crowdsourced DDOSIA project introduced in August. NoName057(16) rolled out DDOSIA through Telegram, with the channel already having more than 13,000 members, according to a Radware report. After registering through Telegram, volunteers will be given a ZIP archive containing the malware and unique user IDs, which is then linked to a cryptocurrency wallet where monetary payment for DDoS attack participation will be sent. While NoName057(16) has given up to 80,000 rubles, or $1,250, to the top three contributors in the DDoS attack wave, the group announced expanding its payouts to the top 10 leading contributors in the attacks launched against U.S. airports. NoName057(16), which emerged in March, was reported by Avast researchers to have launched DDoS attacks against Ukrainian organizations from June to September, with 40% of the attacks being successful.