Anonymous Sudan has launched a distributed denial-of-service (DDoS) attack against Telegram in response to the messaging platform's decision to deactivate its principal account, according to threat intelligence firm SOCRadar.
Anonymous Sudan, claiming to be a hacktivist group motivated by political and religious concerns, carried out DDoS attacks against organisations in Australia, Denmark, France, Germany, India, Israel, Sweden, and the United Kingdom.
The group has been active since the beginning of the year, and on January 18, it launched its Telegram channel, proclaiming its intention to undertake cyberattacks against any entity that opposes Sudan. The group's operations began with the targeting of many Swedish websites.
However, in June, Microsoft 365, Outlook, Microsoft Teams, OneDrive for Business, and SharePoint Online were the targets of a string of disruptive DDoS attacks launched by Anonymous Sudan, which quickly gained attention. Cloud computing platform Azure from Microsoft was also impacted.
Microsoft, which records the group as Storm-1359, confirmed DDoS attacks were the cause of the interruption after Anonymous Sudan boasted about the strike on their Telegram channel.
With the goal of forcing Elon Musk into establishing the Starlink service in Sudan, the organisation launched a disruptive DDoS attack against X (previously Twitter) in late August.
The hacktivists' primary Telegram channel has been moved temporarily as a result of the attack on Telegram, which had a different objective than the group's usual targets but yet failed to accomplish its goal.
Uncertainty around the ban on Telegram has led the threat intelligence company to speculate that it may be connected to recent attacks on X or the use of bot accounts.
Current DDoS and defacement operations are being carried out by the Anonymous Sudan group, which may not be based in Sudan and may actually have connections to the Russian hacking collective KillNet, according to previous reports from SOCRadar and Truesec.
The group doesn't request the support of pro-Islamic organisations, only communicates with Russian hackers, and mostly posts in English and Russian rather than Arabic. The campaigns that have been noticed also have no connection to political issues regarding Sudan.
The group also doesn't seem to be associated with the original Anonymous Sudan hacktivists, who first showed up in Sudan in 2019, or with Anonymous, the decentralised, anti-political hacktivist movement.