Security News > 2023 > June > Pro-Russia DDoSia hacktivist project sees 2,400% membership increase
The project was launched by a pro-Russian hacktivist group known as "NoName057(16)" last summer, quickly reaching 400 active members and 13,000 users on its Telegram channel.
In a new report released today, Sekoia analysts say that the DDoSia platform has grown significantly over the year, reaching 10,000 active members contributing firepower to the project's DDoS attacks and 45,000 subscribers on its main Telegram channel.
The DDoSia client launches a command line prompt that lists the targets fetched by the project's C2 server in encrypted form and lets members contribute to generating garbage requests directed at them.
Sekoia reverse-engineered the Windows 64-bit executable and found that it's a Go binary, using AES-GCM encryption algorithms to communicate with the C2. The C2 sends the target ID, host IP, request type, port, and other attack parameters in encrypted form to the DDoSia client, which is locally decrypted.
Sekoia collected data regarding some targets sent by the DDoSia C2 between May 8 and June 26, 2023, and found that those targeted were mostly Lithuanian, Ukrainian, and Polish, accounting for 39% of the project's total activity.
In conclusion, the DDoSia project continues to grow and has reached a large enough size to cause significant problems to its targets.