cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Russian hackers claim takedown of WA’s Transperth transport agency with DDoS attack

The Noname057(16) hacking group has targeted four Australian websites, with varying success.

user icon David Hollingworth
Fri, 27 Oct 2023
Russian hackers claim takedown of WA’s TransPerth transport agency with DDoS attack
expand image

The group – which has links to the Killnet operation – claimed the attacks on its Telegram channel, saying they were in response to Australian military aid to Ukraine.

“Australian authorities are sending a new package of military aid to Kyiv in the amount of 12 million dollars,” a Noname057(16) spokesperson said in an overnight statement.

The post went on to say that “Russophobes” are merely sending military equipment to be captured by Russian forces, while the money itself comes from “honest taxpayers”.


“We are going to Australia for destroying [sic] portals of critical infrastructure!” the post concluded before adding the four Australian targets, with proof of at least some brief disruption.

According to Check-host.net, all four sites suffered some downtime due to Noname057(16)’s distributed denial-of-service (DDoS) efforts. The listed sites are Adelaide Bank’s netbank portal, the Transperth transport agency, the Administrative Appeals Tribunal’s online portal, and the Northern Territory Department of Infrastructure, Planning and Logistics.

Of those sites, the Northern Territory department, the Appeals Tribunal portal, and the banking site are all operational and have been since at least 9am this morning (27 October).

The Transperth website has only been online intermittently, however, and remains offline. The outage may also be impacting the Transperth app, according to a discussion in the r/Perth Reddit community.

“Tried logging onto my Transperth app and website account to hotlist it,” a user said after losing their travel card, “but getting 503 error on website and app asked for update and now just sits there, not logging in”.

“Is this Transperth or is this me?” the post asked at 10.38pm on 26 October. Other users confirmed the sites were also down for them.

“Nah, it’s down,” said one user, with another agreeing.

Cyber Daily contacted the Administrative Appeals Tribunal to see if they had also been impacted, but apart from a possible incident earlier in October, the site has been fully operational.

“The AAT experienced an incident in early October 2023, which required us to close down one of our systems temporarily,” a spokesperson told Cyber Daily via email. “We successfully deployed measures to deal with the incident, and the system was restored swiftly.”

A spokesperson for the Northern Territory said it does not comment on cyber security matters but did say that the site was down at the time of our inquiry.

“The website has experienced performance issues and is currently offline for remediation,” the spokesperson said. The site is online at the time of writing.

Cyber Daily has reached out to Transperth for comment.

The Noname057(16) group has been in operation since at least March 2022, largely targeting Ukrainian, American, and European organisations.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.