Federal authorities have charged two Sudanese nationals with running an operation that carried out tens of thousands of distributed denial of service (DDoS) attacks against some of the world's largest technology companies, as well as critical infrastructure and government agencies.
The service, branded Anonymous Sudan, led powerful and persistent DDoSes against major tech companies, including Microsoft, OpenAI, Riot Games, PayPal, Steam, Hulu, Netflix, Reddit, GitHub and Cloudflare. Other targets included CNN.com, Cedars-Sinai Medical Center in Los Angeles, the U.S. Departments of Justice, Defense and State, the FBI and government websites for the state of Alabama. Other attacks targeted sites or servers in Europe.
Two brothers, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, were both charged with conspiracy to damage protected computers. Ahmed Salah was also charged with three counts of damaging protected computers. One of the allegations is that one of the brothers attempted to “knowingly cause death.” If convicted on all charges, Ahmed Salah faces a maximum of life in federal prison, and Alaa Salah faces a maximum of five years in federal prison.
Devastation and destruction
“Anonymous Sudan sought to maximize destruction and destruction against governments and companies around the world by launching tens of thousands of cyberattacks,” said U.S. Attorney Martin Estrada. “The attacks by this group were callous and brutal – the defendants even went so far as to attack hospitals providing emergency and urgent care to patients.”
Prosecutors said Anonymous Sudan used a cloud-based DDoS tool to take down or severely degrade the performance of online targets and then often took to a Telegram channel to brag about the exploits. The tool is said to have carried out more than 35,000 attacks, 70 of which targeted computers in Los Angeles, where the charges were filed. The operation would have lasted from January 2023 to March 2024 at the latest.