Hello Community,
We have released an urgent threat advisory covering the surge in retaliatory hacktivist DDoS activity following Operation Epic Fury / Roaring Lion, the coordinated U.S.-Israeli military campaign launched against Iran on February 28, 2026.
Key Insights:
Scale: Nine hacktivist groups claimed 107 attacks against 81 organizations across 8 countries in just three days.
Dominant Players: Three groups (Keymous+, DieNet, and NoName057(16)) were responsible for nearly 75% of all attack claims.
Primary Targets: Government institutions accounted for 53% of all attacks, followed by finance (14%) and telecom (9%).
Speed: Hacktivist groups mobilized and launched their first attacks within nine hours of the initial military strikes.
Expanding Front: On March 2, pro-Russian group NoName057(16) joined the pro-Iranian campaign, signaling a broadening of the threat.
Recommended Actions:
Immediate Protection: Ensure your DDoS mitigation is active and up to date. No organization, regardless of sector or geography, should consider itself outside the target zone.
Monitor Threat Intelligence: The entry of pro-Russian actors marks a significant escalation. Stay close to evolving group alliances as this conflict continues.
Full advisory: Retaliatory Hacktivist DDoS Activity Following Operation Epic Fury / Roaring Lion
Note: These are not opportunistic attacks. They are coordinated campaigns designed to disrupt national stability and public trust.
Kind regards,
Pascal