Los Angeles — Two Sudanese citizens have been charged with leading Anonymous Sudan, a cybercriminal group behind tens of thousands of Distributed Denial of Service (DDoS) attacks. DDoS attacks exploit vulnerable networks, often for financial or political motives. An indictment unsealed yesterday by the US Attorney's Office, Central District of California, sate these attacks targeted critical infrastructure, government agencies, and corporations worldwide.
According to the indictment, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, allegedly orchestrated a series of destructive attacks using Anonymous Sudan's DDoS tool.
The pair have been charged with conspiracy to damage protected computers, and Ahmed Salah faces additional counts of damaging protected computers. If convicted, Ahmed Salah could face a life sentence, while Alaa Salah faces up to five years in prison.
"Anonymous Sudan sought to maximise havoc and destruction by targeting hospitals, government networks, and businesses," said US Attorney Martin Estrada. He noted that the group's attacks were particularly egregious, impacting emergency services and hospitals providing urgent care.
Cedars-Sinai Medical Centre in Los Angeles was forced to redirect patients after its emergency department was rendered inoperable for hours due to the attacks.
The two men are accused of running Anonymous Sudan, a prolific group boasting 80,000 followers on Telegram. Since January 2023, they allegedly disrupted major platforms like Microsoft, OpenAI, and PayPal, according to a report by The Washington Post.
The DDoS tool, described in the press release as "Godzilla," "Skynet," and "InfraShutdown," was disabled in March 2024 after a coordinated effort by the Federal Bureau of Investigation (FBI) and other law enforcement agencies. "The FBI's seizure of this tool effectively dismantled the platform that had caused widespread damage," said Rebecca Day, special agent in charge of the FBI's Anchorage Field Office.
Their cyberattacks, which included over 35,000 DDoS incidents, targeted government entities, technology giants like Microsoft and Riot Games, and other critical services, resulting in significant disruptions and over $10 million in damages to US victims.
These law enforcement actions are part of "Operation PowerOFF," an international effort to combat cybercrime. As the investigation continues, the indictment underscores the commitment to holding cybercriminals accountable.