The recent indictment by the United States Department of Justice (DoJ) of two Sudanese nationals has shed light on the activities of the hacktivist group Anonymous Sudan. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, are accused of orchestrating over 35,000 Distributed Denial of Service (DDoS) attacks targeting critical infrastructure, hospitals, and major tech firms globally.
Anonymous Sudan has been on the radar since early 2023, carrying out attacks on high-profile entities such as ChatGPT, Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group. The group’s disruptive activities also extended to sensitive government and critical infrastructure in the U.S. and around the world, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles.
The DDoS attacks orchestrated by Anonymous Sudan caused significant damage, with some attacks lasting for days and leading to website and network disruptions. For instance, the attack on Cedars-Sinai Medical Center resulted in the redirection of incoming patients for eight hours, resulting in over $10 million in damages to U.S. victims.
One of the key highlights of the DoJ’s recent operation was the seizure of Anonymous Sudan’s powerful DDoS tool, known as the Distributed Cloud Attack Tool (DCAT). This tool, which was used to conduct attacks and sold as a service to other cybercriminals, was a central component of the group’s operations. The operation involved disabling and seizing servers associated with the tool, including those used to launch attacks and relay commands, as well as accounts containing the source code for the DDoS tools.
The actions taken against Anonymous Sudan are part of Operation PowerOFF, an international effort to dismantle DDoS-for-hire infrastructures that have been active since 2018. Several private sector entities, including Akamai SIRT, Amazon Web Services, Cloudflare, and Microsoft, have collaborated in the takedown efforts.
In response to the DoJ’s crackdown on Anonymous Sudan, Akamai SIRT expressed gratitude to the FBI, DOJ, and the Big Pipes working group for their efforts in prioritizing DDoS investigations and disrupting these malicious operations. The collaborative efforts of these entities reflect a commitment to safeguarding critical infrastructure and holding cybercriminals accountable for their actions.
The indictment of the two Sudanese nationals and the seizure of the DDoS tool used by Anonymous Sudan mark significant milestones in the fight against cybercriminal activities targeting vital systems and networks. The operation serves as a warning to other hacker groups and individuals involved in malicious activities that law enforcement agencies are actively pursuing those responsible and dismantling their infrastructures.