America Division of Justice unsealed an indictment at present towards two Sudanese brothers suspected of being the operators of Nameless Sudan, a infamous and harmful hacktivist group recognized for conducting over 35,000 DDoS assaults in a yr.
Since launching in 2023, Nameless Sudan has been behind quite a few high-profile DDoS assaults, inflicting widespread outages and the shortcoming for customers worldwide to entry focused companies. Lots of their assaults have been motivated by pro-Russian and pro-Palestinian causes from messages posted to their Telegram channels.
These assaults impacted well-known corporations and companies, together with tech giants like Cloudflare, Microsoft, and OpenAI, with the risk actors able to overloading companies and making them inaccessible.
Different assaults focused authorities businesses worldwide and healthcare, together with Cedars-Sinai Hospital in Los Angeles, the place the assault disrupted programs and precipitated emergency companies and sufferers to be diverted to different hospitals.
Nameless Sudan indicted
At the moment, the Division of Justice unsealed an indictment towards two Sudanese nationals named Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, for working and controlling Nameless Sudan.
Whereas the group claimed to be focusing on nations and organizations interfering with Sudanese politics, some researchers believed that to be a false flag and linked the group to Russia as a substitute.
U.S. Legal professional Martin Estrada instructed reporters in a press name that Nameless Sudan was thought-about probably the most harmful cyber group by way of DDoS assaults and that the brothers have been motivated by a Sudanese nationalist ideology.
Estrada mentioned the brothers have been in custody since March when Nameless Sudan was disrupted and infrastructure seized, however wouldn’t share what nation arrested the 2. Nevertheless, he did state that whereas they don’t seem to be in US custody, they’ve been interviewed by the FBI.
“A federal grand jury indictment unsealed today charges two Sudanese nationals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world,” introduced the DOJ.
“In March 2024, pursuant to court-authorized seizure warrants, the U.S. Attorney’s Office and FBI seized and disabled Anonymous Sudan’s powerful DDoS tool, which the group allegedly used to perform DDoS attacks, and sold as a service to other criminal actors.”
Not like different teams that conduct DDoS assaults, Nameless Sudan didn’t compromise gadgets to make use of as a part of their assaults. As an alternative, they utilized instruments known as the Skynet Botnet or DCAT that used open proxies to overwhelm focused servers.
“I have interviewed employees at Amazon who examined data associated with Skynet Botnet attacks against Amazon customers,” FBI Particular Agent Elliott Peterson defined within the felony grievance.
“They determined that the attacks were being transmitted not from compromised victim devices, as would ordinarily be the case with a botnet, but from devices that were configured to automatically forward certain categories of Internet traffic.”
“Also called “Open Proxy Resolvers,” these “auto-forwarding” devices comprise the public part of the Skynet Botnet, and they were often the only information a Skynet Botnet attack victim would see in their network data.”
Peterson, who has been investigating Nameless Sudan since 2023, has additionally been concerned in different disruptions of DDoS operations as a part of Operation PowerOff.
The 2 suspects now face costs of conspiracy to wreck protected computer systems, and Ahmed Omer can be charged with three counts of damaging protected computer systems.
Ahmed Omer additionally faces a statutory most sentence of life in federal jail for reckless endangerment of life for his or her assault on Cedars-Sinai Hospital, which Estrada mentioned could be the first time this statute was charged within the US for a cyberattack.