Federal authorities have arrested two Sudanese brothers accused of running Anonymous Sudan, a hacking group that launched over 35,000 cyberattacks on hundreds of organizations. The attacks targeted a wide range of victims, including Microsoft, OpenAI, airports, the Pentagon, the FBI, and the Department of Justice. According to prosecutors, the brothers, Ahmed and Alaa Omer, used their attacks for ideological hacktivism, extortion, and as part of a cyberattack-for-hire service.
In one particularly severe incident, their attack on Cedars-Sinai Health Systems in Los Angeles caused hours of downtime, diverting patients to other hospitals. “Bomb our hospitals in Gaza, we shut down yours too, eye for eye,” Ahmed Omer allegedly wrote on Telegram during the attack. The indictment also alleges that the hackers disrupted Israel’s Tzeva Adom missile alert app during deadly rocket attacks by Hamas in October 2023.
Sudanese hackers face severe consequences
As a result of the hospital attacks, Ahmed Omer faces charges that carry a potential life sentence, described as the most severe criminal charges ever brought against a hacker accused of denial-of-service attacks. US Attorney Martin Estrada stated, “The actions taken by this group were callous and brazen. This group was motivated by their extremist ideology, essentially a Sudanese nationalist ideology.”
The brothers are currently in custody, though their whereabouts are unclear. Law enforcement agencies also took down Anonymous Sudan’s infrastructure in March 2024, effectively ending the group’s operations. Anonymous Sudan distinguished itself with its large-scale and high-profile attacks, often claiming political motivations linked to tensions between Israel and Hamas.
However, the group also offered its DDoS service, known as Godzilla or Skynet, to other hackers for profit. The group’s technical approach involved gaining access to numerous virtual private servers and using them to launch layer 7 attacks, overwhelming web servers with website requests. This method set them apart from typical DDoS attacks that use lower-level floods of internet data requests.
The prosecution of the Omer brothers serves as a warning to hackers about the severe consequences of targeting critical infrastructure. The case highlights the growing threat of cyberattacks and the importance of cybersecurity measures to protect against such incidents.