NoName is a pro-Russia hacktivist group active in campaigns against critical infrastructure and Ukrainian targets. Reporting cited in the content states that CISA, FBI, NSA, Europol EC3, and other partners warned in early December 2025 that NoName, alongside Z-Pentest, Sector16, and Cyber Army of Russia Reborn (CARR), was actively targeting critical infrastructure organizations worldwide. The group was also identified in the Communications Security Establishment Canada annual report as having gained unauthorized access to a municipal water treatment facility in Quebec on October 7, 2025. In Ukraine-focused activity, NoName is described as the most active group targeting Ukraine, responsible for 36% of observed attacks in the referenced reporting. Its activity there included DDoS operations against multiple Ukrainian telecom service providers, and it was reported as having targeted 84 of 111 Ukrainian government and critical-sector websites hit in a coordinated campaign beginning on August 8. The content associates NoName primarily with disruptive hacktivist operations, especially DDoS attacks, against government, telecommunications, and other critical infrastructure targets.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Sectors the actor has been observed targeting.
Geographies tied to known operations.
8 distinct techniques observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.
6 indicators attributed to this actor: domains, IPs, hashes, and other artifacts pulled from reporting. View more in app.
5 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Hacktivist activity involving unauthorized access to a municipal water treatment facility in Quebec.
NoName is a pro-Russia hacktivist group known for targeting European critical infrastructure with disruptive cyberattacks, including ransomware operations.
NoName is a pro-Russia hacktivist group targeting critical infrastructure organizations worldwide.
Pro-Russia hacktivist group actively targeting critical infrastructure organizations worldwide.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.