Sudanese Brothers Arrested in AnonSudan Takedown Krebs on Security
pThe US government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan aka AnonSudan a cybercrime business known for launching powerful distributed denialofservice DDoS attacks against a range of targets including dozens of hospitals news websites and cloud providers The younger brother is facing charges that could land him life in prison for allegedly seeking to kill people with his attacksppImage FBIppActive since at least January 2023 AnonSudan has been described in media reports as a hacktivist group motivated by ideological causes But in a criminal complaint the FBI said those highprofile cyberattacks were effectively commercials for the hackers DDoSforhire service which they sold to paying customers for as little as 150 a day with up to 100 attacks allowed per day or 700 for an entire weekppThe complaint says despite reports suggesting Anonymous Sudan might be statesponsored Russian actors pretending to be Sudanese hackers with Islamist motivations AnonSudan was led by two brothers in Sudan Ahmed Salah Yousif Omer 22 and Alaa Salah Yusuuf Omer 27ppAnonSudan claimed credit for successful DDoS attacks on numerous US companies causing a multiday outage for Microsofts cloud services in June 2023 The group hit PayPal the following month followed by TwitterX Aug 2023 and OpenAI Nov 2023 An indictment in the Central District of California notes the duo even swamped the websites of the FBI and the Department of StateppProsecutors say Anonymous Sudan offered a Limited Internet Shutdown Package which would enable customers to shut down internet service providers in specified countries for 500 USD an hour The two men also allegedly extorted some of their victims for money in exchange for calling off DDoS attacksppThe government isnt saying where the Omer brothers are being held only that they were arrested in March 2024 and have been in custody since A statement by the US Department of Justice says the government also seized control of AnonSudans DDoS infrastructure and servers after the two were arrested in MarchppAnonSudan accepted orders over the instant messaging service Telegram and marketed its DDoS service by several names including Skynet InfraShutdown and the Godzilla botnet However the DDoS machine the Omer brothers allegedly built was not made up of hacked devices as is typical with DDoS botnetsppInstead the government alleges Skynet was more like a distributed cloud attack tool with a command and control C2 server and an entire fleet of cloudbased servers that forwards C2 instructions to an array of open proxy resolvers run by unaffiliated third parties which then transmit the DDoS attack data to the victimsppAmazon was among many companies credited with helping the government in the investigation and said AnonSudan launched its attacks by finding hosting companies that would rent them small armies of serversppWhere their potential impact becomes really significant is when they then acquire access to thousands of other machines typically misconfigured web servers through which almost anyone can funnel attack traffic Amazon explained in a blog post This extra layer of machines usually hides the true source of an attack from the targetsppThe security firm CrowdStrike said the success of AnonSudans DDoS attacks stemmed from a combination of factors including sophisticated techniques for bypassing DDoS mitigation services Also AnonSudan typically launched socalled Layer 7 attacks that sought to overwhelm targeted API endpoints the back end systems responsible for handling website requests with bogus requests for data leaving the target unable to serve legitimate visitorsppThe Omer brothers were both charged with one count of conspiracy to damage protected computers The younger brother Ahmed Salah was also charged with three counts of damaging protected computersppA passport for Ahmed Salah Yousif Omer Image FBIppIf extradited to the United States tried and convicted in a court of law the older brother Alaa Salah would be facing a maximum of five years in prison But prosecutors say Ahmed Salah could face life in prison for allegedly launching attacks that sought to kill peopleppAs Hamas fighters broke through the border fence and attacked Israel on Oct 7 2023 a wave of rockets was launched into Israel At the same time AnonSudan announced it was attacking the APIs that power Israels widelyused red alert mobile apps that warn residents about any incoming rocket attacks in their areappIn February 2024 AnonSudan launched a digital assault on the CedarsSinai Hospital in the Los Angeles area an attack that caused emergency services and patients to be temporarily redirected to different hospitalsppThe complaint alleges that in September 2023 AnonSudan began a weeklong DDoS attack against the Internet infrastructure of Kenya knocking offline government services banks universities and at least seven hospitalspp
This entry was posted on Thursday 17th of October 2024 1017 AM
ppWe experience occasional extreme slowness in responses from our shared hosting server Our host says it is not our server or other clients on our shared hosting but nothing has changed on our websites and they are low volume Is it possible these or other actors have found a misconfigured web server and are using it to launch attackspponly your web host could answer that but worth checking your logs for unusual trafficppi highly doubt that youre being attacked if youre on shared webhosting there can be a number of more likely explanations i would recommend you use something like cloudflare if you inspect the traffic even furtherppSim swap millionaires as a spoiled child of a millionaire and steal hundreds of millions in cryptocurrency Daddys close with the judge theyre regulars at the same golf course 3 years in prison at most
Extort the largest companies for millions full business shutdown for weeks Its okay you were just a teenager doing teenage things just tell the doctor the voices told you to do it take some medication and youre out in a year
DDoS paypal for a couple days as a foreign national Take down the public websites of a few hospitals and companies in middle of nowhere Africa no affect on daytoday service Life in prisonppMitigating L7 DDoS attacks is extremely easy All of the victims especially the emergency ones should be charged with negligence How incompetent can you be to have your services pulverized by two script kiddies with a couple EC2 instancesppJustice is terribleppbro is doing tricks on it
These people are human filth and your sense of justice means nothingppThe United States consistently leads the effort in combating criminal elements This article highlights the ongoing success in taking down these criminal networks Criminals show no respect for individual lives and its critical that organizations take cybersecurity seriously Implementing robust security measures and compliance programs is essential to staying protectedppRejoice the LLM has joined the conversationppUsing chatgpt to write a program that reads Brians articles then responds to them using chatgptppTypo in 6th paragraph Omer not OmedppNot to question your reporting but it sounds like they sold attacks for as little as 100 per day if you could buy a week for 700ppA couple of Khartoum characters I see Sorry Ill go away nowppComments are closedppMailing ListppSearch KrebsOnSecurityppRecent PostsppStory CategoriesppWhy So Many Top Hackers Hail from Russiap
This entry was posted on Thursday 17th of October 2024 1017 AM
ppWe experience occasional extreme slowness in responses from our shared hosting server Our host says it is not our server or other clients on our shared hosting but nothing has changed on our websites and they are low volume Is it possible these or other actors have found a misconfigured web server and are using it to launch attackspponly your web host could answer that but worth checking your logs for unusual trafficppi highly doubt that youre being attacked if youre on shared webhosting there can be a number of more likely explanations i would recommend you use something like cloudflare if you inspect the traffic even furtherppSim swap millionaires as a spoiled child of a millionaire and steal hundreds of millions in cryptocurrency Daddys close with the judge theyre regulars at the same golf course 3 years in prison at most
Extort the largest companies for millions full business shutdown for weeks Its okay you were just a teenager doing teenage things just tell the doctor the voices told you to do it take some medication and youre out in a year
DDoS paypal for a couple days as a foreign national Take down the public websites of a few hospitals and companies in middle of nowhere Africa no affect on daytoday service Life in prisonppMitigating L7 DDoS attacks is extremely easy All of the victims especially the emergency ones should be charged with negligence How incompetent can you be to have your services pulverized by two script kiddies with a couple EC2 instancesppJustice is terribleppbro is doing tricks on it
These people are human filth and your sense of justice means nothingppThe United States consistently leads the effort in combating criminal elements This article highlights the ongoing success in taking down these criminal networks Criminals show no respect for individual lives and its critical that organizations take cybersecurity seriously Implementing robust security measures and compliance programs is essential to staying protectedppRejoice the LLM has joined the conversationppUsing chatgpt to write a program that reads Brians articles then responds to them using chatgptppTypo in 6th paragraph Omer not OmedppNot to question your reporting but it sounds like they sold attacks for as little as 100 per day if you could buy a week for 700ppA couple of Khartoum characters I see Sorry Ill go away nowppComments are closedppMailing ListppSearch KrebsOnSecurityppRecent PostsppStory CategoriesppWhy So Many Top Hackers Hail from Russiap
