Anonymous Sudan has undergone a notable shift in its operational tactics, as revealed by Crush, the group’s spokesperson to Cyberknow. The group has transitioned to employing a new DDoS-for-hire service known as Anonymous Sudan Infrashutdown. This DDoS service for hire marks a departure from their previous utilization of the Skynet Botnet.
The announcement of this change coincided with the creation of a Telegram page dedicated to the group’s activities. However, Anonymous Sudan claims to have been utilizing the Infrashutdown service for several weeks before this public announcement, during which they achieved success in disrupting various organizations and launching cyberattacks on organizations globally.
Anonymous Sudan Infrashutdown: DDoS Service for Hire
In a Telegram post, Anonymous Sudan also initiated a donation campaign, a rare instance of the group seeking financial support. This move suggests a departure from their typical reliance on alleged financial backers to sustain their operations, particularly given the high costs associated with using paid botnets.
The shift to Infrashutdown represents a strategic pivot for Anonymous Sudan, as evidenced by a post on February 24th introducing the service.
In the post, the threat actor highlights Anonymous Sudan Infrashutdown and its capabilities, emphasizing its ability to offer customized DDoS campaigns targeting a wide range of entities, from government agencies to private businesses and individuals.
Decoding DDoS-for-Hire Service; Features and Capabilities
Key features of Infrashutdown include its global reach, allowing for disruptions on a nation-state level, as well as its adaptability to specific sectors such as education, healthcare, and telecommunications. The service also boasts a proven track record of success, having previously targeted ISPs, universities, and data centers across various countries.
Privacy and security are paramount with Infrashutdown, with the service guaranteeing confidentiality and untraceability for its clients. This assurance is coupled with flexibility in campaign scale and budget, enabling engagements ranging from budget-friendly skirmishes to record-setting terabit assaults.
Anonymous Sudan’s adoption of Infrashutdown highlights their ongoing commitment to digital activism and cyber warfare. By leveraging this new service, the group aims to expand its disruptive capabilities while maintaining anonymity and operational security.
Who is Anonymous Sudan?
Anonymous Sudan is a prolific hacktivist group that previously claimed responsibility for a widespread outage on X (formerly Twitter), mocking Elon Musk’s recent rebranding. The outage affected thousands globally with many facing issues logging into their accounts.
Despite claiming to be from Sudan, cybersecurity experts trace their origins to Russian cybercriminal networks like KillNet. Moreover, researchers debunked their association with the global Anonymous collective, identifying Russian ties through Telegram use and English-Russian communication.
Anonymous Sudan’s use of paid infrastructure suggests significant financing, possibly from Russian government circles. CyberCX corroborated these findings, noting their unconventional targeting methods. The group’s true identity and motives continue to raise concerns among cybersecurity experts.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.