A federal grand jury on Wednesday unsealed charges and announced a prior operation to disrupt Anonymous Sudan, a prolific hacktivist group that was linked to some of the biggest DDoS attacks in the world, including a 2023 attack against Microsoft.
Federal officials indicted two Sudanese nationals, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, on charges of conspiracy to damage computers. Ahmed Salah was also charged with three counts of damaging protected computers.
In March, the FBI and U.S. Attorney’s Office, pursuant to a warrant, disabled and seized a DDoS tool the group used to conduct attacks against the U.S. State Department, the Department of Defense, the FBI, Microsoft, Riot Games, Cedars-Sinai Medical Center in Los Angeles and other organizations. The group also allegedly sold the DDoS tool to other threat actors.
“The FBI’s seizure of this powerful attack tool successfully disabled the attack platform that caused widespread damage and destruction to critical infrastructure and networks across the world,” Rebecca Day, special agent in charge of the FBI Anchorage field office, said in a statement. “With the FBI’s mix of unique authorities, capabilities and partnerships, there is no limit to our reach when it comes to combating all forms of cybercrime and defending global cybersecurity.”
Since early 2023, Anonymous Sudan operators and their customers used a distributed cloud attack tool to launch more than 35,000 attacks across the globe, including more than 70 attacks against targets in the Los Angeles area, officials said.
The victims included numerous government agencies, hospitals, network service providers and technology platforms, among them Microsoft, Riot Games, Cedars-Sinai Medical Center, the U.S. State Department, the Department of Defense and websites for the state of Alabama, according to the DOJ.
Microsoft in June 2023 linked Anonymous Sudan to a series of attacks targeting Azure, OneDrive and Outlook. A February 2024 attack against Cedars-Sinai forced patients to be rerouted to other facilities, according to the indictment.
A spokesperson for Cedars-Sinai declined to comment, citing the ongoing criminal matter.
Numerous private entities assisted in the investigation, including Cloudflare, Akamai SIRT, CrowdStrike, Amazon Web Services, Google, Flashpoint and Microsoft.