Pierluigi Paganini
November 09, 2023
OpenAI confirmed earlier today that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack.
“We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.” reads the update posted by OpenAI on its status page 17 hours ago.
The organization first reported partial service outages on November 7, but on November 8 the services were disrupted.
The attack was launched by the pro-Russia group Anonymous Sudan (aka Storm-1359) that claimed the attack on its Telegram channel:
“Some reasons why we targeted OpenAI and ChatGPT:
At the time of this writing, ChatGPT seems to be working without problems.
Collective Anonymous Sudan has been active since January 2023, it claims to target any country that is against Sudan. However, some security researchers believe that Anonymous Sudan is a sub-group of the pro-Russian threat group Killnet.
Threat actors relied on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.
In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing apps, and the cloud computing infrastructure Azure.
The collective Anonymous Sudan claimed responsibility for the DDoS attacks that hit the company’s services.
In July, Anonymous Sudan announced it had stolen credentials for 30 million customer accounts.
In September, Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, OpenAI ChatGPT)
