Pierluigi Paganini
November 10, 2023
The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare.
Cloudflare confirmed that a DDoS attack took down its website for a few minutes and ponited out that it did not impact other products or services.
“To be clear, there was no Cloudflare breach. Cloudflare experienced a DDoS attack that caused intermittent connectivity issues to http://www.cloudflare.com for a few minutes. This DDoS attack did not affect any service or product capability that Cloudflare provides, and no customers were impacted by this incident. Cloudflare’s website is deliberately hosted on separate infrastructure and cannot impact Cloudflare services. To be clear, our website is fully functional and up and running.” reads a statement issued by the company to the media.
Anonymous Sudan made fun of Cloudflare on its Telegram channel and reported that the attack duration was 1 hour.
“Companies using cloudflare, they can’t even protect their main site, you think they can protect you? No protection can stand in our way Attack duration: 1 hour.” reads the message published on the group’s Telegram channel.
The collective Anonymous Sudan has been active since January 2023, it claims to target any country that is against Sudan. However, some security researchers believe that Anonymous Sudan is a sub-group of the pro-Russian threat group Killnet.
Threat actors relied on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.
In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing apps, and the cloud computing infrastructure Azure. Anonymous Sudan claimed responsibility for the DDoS attacks that hit the company’s services.
In July, Anonymous Sudan announced it had stolen credentials for 30 million customer accounts.
In September, Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group.
This week the group hit OpenAI, which confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack.
Anonymous Sudan claims to have launched the recent DDoS attacks with the Skynet and Godzilla botnets.
Skynet was first discovered in 2012 and has since grown to become one of the largest botnets in the world. It is estimated that Skynet has infected over 1 million devices worldwide.
The Godzilla botnet has been active since at least 2021, it was used to launch large-scale distributed denial-of-service (DDoS) attacks, as well as steal login credentials and mine cryptocurrency.
The Godzilla botnet is estimated to have infected over 100,000 devices worldwide, and it is capable of generating over 100 gigabits per second of DDoS traffic.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, DDoS)
