Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Anonymous Sudan. Show all posts

OpenAI Reveals ChatGPT is Being Attacked by DDoS


AI organization behind ChatGPT, OpenAI, has acknowledged that distributed denial of service (DDoS) assaults are to blame for the sporadic disruptions that have plagued its main generative AI product.

As per the developer’s status page, ChatGPT and its API have been experiencing "periodic outages" since November 8 at approximately noon PST.

According to the most recent update published on November 8 at 19.49 PST, OpenAI said, “We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.”

While the application seemed to have been operating normally, a user of the API reported seeing a "429 - Too Many Requests" error, which is consistent with OpenAI's diagnosis of DDoS as the cause of the issue.

Hacktivists Claim Responsibility 

Hacktivist group Anonymous Sudan took to Telegram, claiming responsibility of the attacks. 

The group claimed to have targeted OpenAI specifically because of its support for Israel, in addition to its stated goal of going against "any American company." The nation has recently been under heavy fire for bombing civilians in Palestine.

The partnership between OpenAI and the Israeli occupation state, as well as the CEO's declaration that he is willing to increase investment in Israel and his multiple meetings with Israeli authorities, including Netanyahu, were mentioned in the statement.

Additionally, it asserted that “AI is now being used in the development of weapons and by intelligence agencies like Mossad” and that “Israel is using ChatGPT to oppress the Palestinians.”

"ChatGPT has a general biasness towards Israel and against Palestine," continued Anonymous Sudan.

In what it described as retaliation for a Quran-burning incident near Turkey's embassy in Stockholm, the group claimed responsibility for DDoS assaults against Swedish companies at the beginning of the year.

Jake Moore, cybersecurity advisor to ESET Global, DDoS mitigation providers must continually enhance their services. 

“Each year threat actors become better equipped and use more IP addresses such as home IoT devices to flood systems, making them more difficult to protect,” says Jake.

“Unfortunately, OpenAI remains one of the most talked about technology companies, making it a typical target for hackers. All that can be done to future-proof its network is to continue to expect the unexpected.”  

eCitizen Cyberattack: Kenyan Government Portal’s Services Disrupted


The Kenya government recently confirmed that its eCitizen portal was affected by a cyber-attack. The portal was used by the public to access over 5,000 government services.

The attack came to notice after its customers complained of disruption in its services, which included passport and application renewal, issuing e-visas, and driving licenses.

Following the confirmation of the attack and hindrance in the eCitizen system, the government was made to promise visas on arrival to its foreign customers who had earlier applied for e-visas. Also, certain disruption was noticed in the train-booking systems and electricity billing. 

People who rely on the popular mobile-money service M-Pesa to make payments at stores, public transportation vehicles, hotels, and other platforms also encountered issues. Mobile money banking services were also impacted.

Apparently, the attack also impacted several private companies, however, the claim has not been confirmed yet.

Anonymous Sudan

The attack has been executed by hackers, who call themselves ‘Anonymous Sudan’. The group claims to have been based in Sudan, portraying themselves as ‘cyber-warriors,’ and has vowed to attack anyone attempting to meddle in the country's internal affairs, it is however thought to have ties to Russia. The group apparently supports Russia and is an affiliate of the pro-Russian threat group Killnet. 

The group came to light in January this year and has been popular since, carrying our several attacks. It has been categorized as disruptive, but not sophisticated. 

The majority of the group's communications have been shared on its Telegram channel, where on Sunday a warning of an upcoming attack on Kenyan computer systems was posted.

The reason it gave for the recent cyberattack was that "Kenya has been attempting to meddle in Sudanese affairs and released statements doubting the sovereignty of our government," as per the reports.

Apparently, the group is citing the issue pertaining to the Sudanese government, which has repeatedly accused Kenyan President William Ruto of lacking neutrality and rejected his attempts to mediate in the ongoing war between the Sudanese military and the paramilitary Rapid Support Forces (RSF).

Follow-up of the Attack

Since, the government has been putting emphasis on its people utilizing its online services, along with adopting online payment methods, the recent attack seems to have consequently impacted a large number of Kenyans.

After the attack became public, the ICT Cabinet Secretary, Eliud Owalo, confirmed that the services suffered no data loss and that the government is working on solving the issue and securing its platform. However, the hackers claim to have access to victims’ passport data.

Following the incident, on Friday, the ministry held a meeting with several private sector professionals to address cyber security issues.

Although there are still sporadic interruptions that slow down or prevent users from accessing services normally on the internet platform, the government claims to have been able to stop the attack's source.  

Microsoft: Disruptions in Outlook, Cloud Platform Services Were Caused by a Cyberattack


Earlier this June, some periodic but significant disruptions could be seen in Microsoft’s flagship office suite. That cyberattack disrupted services of Microsoft affiliated apps like Outlook email and OneDrive file sharing app along with cloud computing platform. After the attack was confirmed, an anonymous hacktivist seems to have taken the blame, claiming to have flooded the sites with traffic through their distributed denial-of-service (DDoS) attacks.

Microsoft was initially hesitant to admit that DDoS attacks by the murky upstart were to blame, but has since admitted that this was the case.

Although, they did not immediately confirm the number of customers affected by the attack or whether it had any global impact, Microsoft has now provided certain details on the matter.

A Microsoft spokesperson stated that the threat group behind the attacks has confirmed to have been ‘Anonymous Sudan.’ At the time, it took ownership of the situation via its Telegram social media channel. Some cybersecurity experts think the group is based in Russia.

On Friday, an explanation on the matter by Microsoft was published in a blog post following a request from The Associated Press made two days prior. The post, which was sparse on data, stated that the attacks "temporarily impacted availability" of some services. According to the report, the attackers targeted "disruption and publicity" and used probable rented cloud infrastructure and virtual private networks to flood Microsoft servers with attacks from so-called botnets of zombie machines spread around the world.

According to Microsoft, there is no proof that any customer information was accessed or compromised.

In regards to the severity of attacks, Jake Williams, a prominent cybersecurity researcher and a former NSA offensive hacker says “We really have no way to measure the impact if Microsoft doesn’t provide that info.” William added he was unaware of Outlook being attacked previously at this scale.

“We know some resources were inaccessible for some, but not others. This often happens with DDoS of globally distributed systems,” Williams added. “Microsoft’s apparent unwillingness to provide an objective measure of customer impact probably speaks to the magnitude,” he said.

While DDoS attacks do not come under the severity radar in cyber activities since they only make websites inaccessible without even penetrating them, security professionals believe that they can however disrupt the operations of several million of online users if they are successful in exploiting services of software service giants, like Microsoft, since a large chunk of global commerce rely on such organizations.

Cybersecurity Crisis: Anonymous Sudan Demands $3 Million from SAS Airlines

SAS Airlines cyber attack

Scandinavian Airlines (SAS) is currently facing a severe cybersecurity threat as the hacktivist group Anonymous Sudan continues its relentless distributed denial-of-service (DDoS) attacks. The group recently raised its ransom demand from an initial $3,500 to a staggering $3 million. These attacks have disrupted SAS's online services, prompting frustrated customers to voice their concerns about the airline's poor customer service.

The Growing Cyber Threat 

Anonymous Sudan, a hacktivist group with potential Russian connections, has been targeting SAS Airlines for several months. In their latest campaign, they have subjected the airline to a series of DDoS attacks, causing significant disruptions to SAS's website and mobile app. Initially demanding a small ransom of $3,500, the group has now increased its demand to $3 million. Shockingly, Anonymous Sudan has stated that the motive behind their attacks is to highlight the airline's poor customer service.

Customer Frustration and Social Media Outcry 

As a result of the ongoing cyber attacks, SAS customers have experienced difficulties accessing the airline's online services. Frustrated travelers have turned to social media platforms to express their dissatisfaction. Many have complained about the unavailability of the website and app, which has impacted their ability to check flight status, manage baggage claims, and obtain boarding passes. Customers are demanding answers from the airline, questioning the security of their personal information, and expressing their disappointment with the lack of transparency regarding the situation.

Anonymous Sudan's Motivation

Despite the name "Anonymous Sudan," it is unclear whether the hacktivist group actually originates from Sudan or has any direct affiliation with the country. Speculation suggests possible connections to Russia. Surprisingly, Anonymous Sudan has not cited any political motivations for their attacks on SAS. Instead, they claim to be targeting the airline due to its inadequate customer service. The group has expressed a willingness to intensify their attacks until their demands are met, as evidenced by their significant increase in ransom amount.

Impacts on SAS Airlines 

SAS Airlines, one of Scandinavia's leading carriers, has suffered significant disruptions as a result of the ongoing cyber attacks. With its website and mobile app intermittently going offline, the airline has apologized for technical difficulties but has not provided specific details about the cause. Anonymous Sudan's relentless campaign has further exacerbated the situation, leading to frustrated customers and a growing negative sentiment surrounding SAS's ability to deliver satisfactory customer service.

Scandinavian Airlines' ongoing battle with Anonymous Sudan highlights the increasing threat of cyber-attacks faced by companies in the aviation industry. The hacker group's demand for a $3 million ransom serves as a reminder of the potential financial and reputational damage that cybercriminals can inflict. SAS Airlines must prioritize the security of its online infrastructure and customer data to mitigate future risks. Additionally, enhanced customer service measures are necessary to restore trust and ensure a seamless experience for travelers.