
Two Sudanese nationals indicted for DDoS attacks

18 October 2024


Alleged to be part of Anonymous Sudan

The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan.

For those not in the know, this was the group that conducted "tens of thousands" of large-scale and crippling Distributed Denial of Service (DDoS) attacks targeting critical infrastructure, corporate networks, and government agencies globally.

The US has charged Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, with conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers.

The duo is believed to have controlled Anonymous Sudan, which has launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group since early 2023.

The group and its clients used the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and around the world, including the DoJ, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles.

The attacks, which sometimes lasted days, reportedly caused significant damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to US victims.

The pair allegedly made their DDoS tool available as subscriptions to paying customers. One package advertised last November charged $100 for one day of access, $600 for seven days, and $1,700 for a month of access. In February 2024, the service advertised a “botnet with a power of up to 2 TB, priced at $300 per day.” The package allegedly permitted up to 100 attacks each day.

In March, the federal authorities obtained a court warrant authorising them to seize critical components of the Anonymous Sudan DDoS infrastructure. The components included some computer servers that launched and controlled the DDoS attacks or relayed attack commands to a broader network of attack computers. Accounts storing source code for the DDoS tools were also seized.

Prosecutors didn’t say where the two defendants are or if they are scheduled to appear in court.
