U.S. DOJ Charges Operators of Anonymous Sudan for DDoS Attacks on Critical Infrastructure

Anonymous Sudan Cyberattacks

The U.S. Department of Justice announced today the indictment of two Sudanese nationals, Ahmed Salah Yousif Omer (22) and Alaa Salah Yusuuf Omer (27), for their alleged roles in operating and controlling Anonymous Sudan. This online cybercriminal group has been wreaking havoc across the globe with tens of thousands of Distributed Denial of Service (DDoS) attacks targeting critical infrastructure, corporate networks, and government agencies.

In March 2024, authorities seized and disabled the group’s powerful DDoS tool, effectively neutralizing their primary weapon. This tool, which they also sold as a service to other criminals, was allegedly used to launch over 35,000 DDoS attacks in a single year.

Anonymous Sudan sought to maximize havoc and destruction against governments and businesses around the world by perpetrating tens of thousands of cyberattacks,” said United States Attorney Martin Estrada. “This group’s attacks were callous and brazen—the defendants went so far as to attack hospitals providing emergency and urgent care to patients.”

Among the victims were high-profile entities like the Department of Justice, the Department of Defense, the FBI, Microsoft, Riot Games, and even Cedars-Sinai Medical Center in Los Angeles. The attacks on Cedars-Sinai were particularly egregious, forcing the hospital to redirect incoming patients for approximately eight hours.

Anonymous Sudan’s attacks, which resulted in over $10 million in damages to U.S. victims alone, have underscored the evolving threat of DDoS-for-hire services on a global scale. The group’s DDoS tool was not only used by its operators but also sold to other malicious actors, allowing cybercriminals to launch large-scale attacks on demand.

Cybercriminals need to understand that if they target America’s warfighters, they will face consequences,” warned Kenneth A. DeChellis, Special Agent in Charge of the Defense Criminal Investigative Service (DCIS) Cyber Field Office.

This operation, part of the ongoing Operation PowerOFF, highlights the commitment of international law enforcement agencies to dismantle criminal DDoS-for-hire infrastructure and hold perpetrators accountable. The collaboration with private sector entities like Akamai, Amazon Web Services, Cloudflare, and Google was also instrumental in this success.

Related Posts: