For example, in December 2023, Anonymous took OpenAI’s ChatGPT offline through an ongoing series of DDoS attacks in response to company executive Tal Broda’s vocal support of Israel Defense Forces missile strikes in the Gaza Strip. . “More! No mercy! Don’t stop the IDF!” Broda wrote an
“We will continue to target ChatGPT until genocide supporter Tal Broda is fired and ChatGPT stops holding inhumane views on Palestinians,” Anonymous Sudan said in a Telegram post describing the attack on OpenAI. .” he responded.
Still, the true goals of anonymous vehicles haven’t always seemed entirely ideological, says Akamai’s Seaman. The group also offered to sell access to its DDoS infrastructure to other hackers. A recent Telegram post from the group in March suggested that its DDoS service, known as Godzilla or Skynet, was available for $2,500 a month. This means that even attacks that seemed politically motivated may have been intended, at least in part, for marketing purposes for the money-making side, Seaman argues.
“I think they thought, ‘We can come in and hurt people and market this service at the same time,’” Seaman said. He added that he was “definitely” skeptical of the group’s anti-Israel, pro-Palestinian focus after the Oct. 7 attack. “There is an ideological context, but the way it ties together the various victims is something that perhaps only the perpetrators of the attack can fully understand.”
At times, Anonymous Tools has also attacked Ukrainian targets, appearing to collaborate with pro-Russian hacker groups such as Killnet. This led some in the cybersecurity community to suspect that Anonymous Sudan was actually a Russian-linked operation disguising Sudan’s identity, given Russia’s history of using hacktivism as a false flag. The charges against Ahmed and Alaa Omer suggest that the group is actually from Sudan. But apart from the name, the group does not appear to have any clear ties to the original Anonymous hacker collective, which has been largely inactive for the past decade.
Akamai’s Seaman says that in addition to targeting and policies, the group has stood out through a relatively new and effective technology approach. Akamai’s Seaman says: The group’s DDoS services were built by gaining access to hundreds or thousands of virtual private servers. Cloud service companies—by renting with fake credentials. They then used those systems to launch so-called layer 7 attacks, overwhelming web servers with requests to websites, rather than the low-level flood of raw Internet data requests used by DDoS hackers in the past. Anonymous vehicles and their DDoS service customers simultaneously target numerous Layer 7 requests to victims, sometimes using a technique called “multiplexing” or “pipelining” to simultaneously create multiple bandwidth demands on servers until they go offline.
For at least nine months, the group’s technical prowess and brazen, unpredictable targeting have made it a top concern for the anti-DDoS community and many of its victims, Seaman says. “There was a lot of uncertainty about what this group could do, what their motivations were, and why they were targeting people,” Seaman says. “Once Anonymous Sudan left, there was a surge of curiosity and a definite sigh of relief.”
The Justice Department’s decision to bring criminal charges against Ahmed Omer, who could face life in prison for a denial-of-service attack, seems reckless given that state-sponsored cyberattacks and ransomware have often caused much more serious damage to healthcare networks. You can. says Josh Corman, a researcher at the Institute for Security and Technology who has long studied health care targeting hacks. Still, Corman says it’s encouraging to see prosecutors recognizing that even crude cyberattacks can have serious, even fatal, effects on victims.
“Yes, denial-of-service attacks can degrade and deny patent protection, resulting in loss of life,” Corman says. “While this is a first and may seem random until we get more details, it can be encouraging to know that we are understanding the devastating consequences of these attacks.”
