Uptime Hamster: 15d 10h 9mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza NoName

NoName

0 incidentes 0 paises 0 sectores ransomware RU Ultimo: -
Aliases: CosmicBeetle, Nnm05716, NoName057, NoName05716, 05716nnm, mySingleMessenger, NorthKorea vs Samsung, http, apt-unk2
Ver en IntelTracker → APTTrail →
NoName is a ransomware group, also known by the alias CosmicBeetle, that first appeared in September 2019, with activity significantly escalating in 2023. The group's primary motivation is financial gain through disruptive double extortion attacks. They distinguish themselves by their consistent use of data exfiltration before encryption, followed by ransom demands, and the operation of a dark web portal for publishing stolen data if payment is not made. NoName has shown operational evolution, shifting from using Scarab ransomware to developing their own ScRansom malware, and more recently observed deploying RansomHub malware as an affiliate. The group is notably known for mimicking the data leak sites of other prominent ransomware operations like LockBit to enhance their perceived reputation. It is critical to differentiate this ransomware group from the distinct, pro-Russian hacktivist DDoS group known as NoName057(16).

Aliases del actor

CosmicBeetleNnm05716NoName057NoName0571605716nnmmySingleMessengerNorthKorea vs Samsunghttpapt-unk2

Actores similares

apt-unk2actor · 1NoName057apt · 0apt-45actor · 2apt-c-27actor · 2apt-c-01actor · 2apt-c-12actor · 1apt-18actor · 1apt-1877teamactor · 1apt-27actor · 1apt-30actor · 1

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
DLS / leak siteunknownduckduckgo.comNoName057(16)
DLS / leak siteunknownduckduckgo.comNoName057(16)
DLS / leak siteupransomware.anggipradana.comRansomware Group: noname
DLS / leak siteupnitter.netHackmanac: #HackTuesday Hack Tuesday: Week 17 - 23 Jun 2026 374 cyber attacks across 62 countries The most active threat actor last week was NoName057(16) claiming responsibility for 38 cyber attacks. The USA is the most affected country, accounting for 21.4% of incidents, with 80 cyber attacks. The Gov / Mil / LE sector is the most targeted, accounting for 19.5% of incidents with 73 cyber attacks. The estimated Critical cyber attacks account to 54 (14.4% of the total).
X/Twitterupx.comHackmanac: #HackTuesday Hack Tuesday: Week 17 - 23 Jun 2026 374 cyber attacks across 62 countries The most active threat actor last week was NoName057(16) claiming responsibility for 38 cyber attacks. The USA is the most affected country, accounting for 21.4% of incidents, with 80 cyber attacks. The Gov / Mil / LE sector is the most targeted, accounting for 19.5% of incidents with 73 cyber attacks. The estimated Critical cyber attacks account to 54 (14.4% of the total).
Tecnicas MITRE
T1212, T1059.001, T1588.001, T1590.005, T1190, T1136.001
Tipo
ransomware
Pais origen
RU
Motivacion
-
Impacto
112
Actualizado
Sat, 20 Ju

Paises objetivo (SOCRadar)

American SamoaAustraliaBrazilCanadaSwitzerlandChinaCzech RepublicGermanyDenmarkSpain

Sectores objetivo (SOCRadar)

Construction of BuildingsFood ManufacturingOther Information ServicesMonetary Authorities-Central BankRail TransportationSoftware PublishersReal EstateAccommodationAir TransportationManufacturing