Anonymous Sudan

Threat Actor updated 2 months ago (2024-08-14T10:05:56.231Z)
Download STIX
Preview STIX
Anonymous Sudan, a threat actor group known for its malicious activities, has been actively involved in promoting a new Distributed Denial of Service (DDoS) botnet service named “Skynet-GodzillaBotnet” as of February 26, 2024. The group is recognized for its previous DDoS attacks on the encrypted messaging service Telegram and Israeli organizations in 2023. Additionally, it launched an attack on the Jerusalem Post website and successfully took down the Cloudflare website. These actions have demonstrated the group's capabilities and intent to disrupt services and cause significant damage. The group has also reportedly advertised its InfraShutdown DDoS attack service during these attacks, encouraging other potential attackers to participate. This suggests that Anonymous Sudan may be deriving financial benefits from its hacktivism. Moreover, the group’s activity seemed to decrease as another entity named BlackMeta’s operations increased, leading to speculation that BlackMeta might be a rebranding effort by Anonymous Sudan. This group collaborated with the pro-Russian Killnet group in the past, further establishing its reputation. Similar to Anonymous Sudan, BlackMeta appears to be primarily motivated by pro-Palestinian ideology and exhibits an anti-Western stance. It also seems to have ties with Russia, as evidenced by its use of Arabic, English, and Russian in its posts. As such, both Anonymous Sudan and BlackMeta represent significant cybersecurity threats due to their capacity for launching large-scale DDoS attacks, their ideological motivations, and their potential links with other adversarial entities.
Description last updated: 2024-08-14T08:54:39.694Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Blackmeta is a possible alias for Anonymous Sudan. BlackMeta, also known as SN_BlackMeta, emerged as a significant threat actor in November 2023. This group is primarily motivated by a pro-Palestinian ideology and an anti-Western stance, with suspected links to Russia. BlackMeta has claimed responsibility for multiple attacks on organizations in Isr
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ddos
Telegram
Sudan
Israel
Denial of Se...
Microsoft
Facebook
Cybercrime
Cloudflare
Uk
University
Kidnapping
Proxy
Russia
Ransomware
Azure
Extortion
Exploit
Ransom
State Sponso...
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Godzilla Malware is associated with Anonymous Sudan. Godzilla is a malicious software (malware) that has been implicated in a series of cyberattacks, according to reports published by cybersecurity firms such as Trend Micro and CrowdStrike. The malware, once deployed, allows the perpetrators to maintain control over compromised servers through a webshUnspecified
2
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The KillNet Threat Actor is associated with Anonymous Sudan. Killnet is a pro-Russian threat actor group that has gained notoriety for its disruptive cyber-attacks on various government entities. The group's activities peaked in July 2022 when it targeted multiple government resources in Poland, including the Ministry of Foreign Affairs, Senate, Border Controis related to
6
The Siegedsec Threat Actor is associated with Anonymous Sudan. SiegedSec, a threat actor or hacking group, has recently come under investigation by NATO due to their involvement in a series of cyber attacks. The group has claimed responsibility for these attacks, which have targeted multiple entities and have raised significant concerns about cybersecurity on aUnspecified
2
Source Document References
Information about the Anonymous Sudan Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securityaffairs
2 months ago
Securityaffairs
2 months ago
CERT-EU
8 months ago
DARKReading
3 months ago
Securityaffairs
3 months ago
Securityaffairs
3 months ago
Fortinet
3 months ago
Securityaffairs
3 months ago
Securityaffairs
3 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
InfoSecurity-magazine
4 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
7 months ago
Securityaffairs
7 months ago