Blackmeta

BlackMeta, also known as SN_BlackMeta or DarkMeta, is a threat actor group that emerged in November 2023. The group has a history of claiming responsibility for attacks against organizations in Israel, the United Arab Emirates (UAE), and the United States. BlackMeta publicly announced its intent to attack a financial institution via Telegram prior to the operation. The group's modus operandi includes Distributed Denial of Service (DDoS) attacks, with one notable campaign lasting six days and averaging 4.5 million requests 70% of the time. The group has been linked to pro-Palestinian hacktivist activities, often targeting entities they perceive as supporting Israel. In October, BlackMeta claimed responsibility for a DDoS attack on a financial institution's site, which lasted six days and included multiple waves of web requests lasting anywhere from four to 20 hours. This attack was part of a larger campaign that saw 1.25 trillion malicious requests targeting the site over a six-day period, making it challenging for the victim to differentiate between legitimate and malicious traffic. In July, BlackMeta targeted a bank in the UAE with a DoS campaign that lasted more than 100 hours over six days. These attacks are typically preceded by public announcements on social media platforms. There is speculation that BlackMeta may be a rebranding of Anonymous Sudan, another threat actor group. This hypothesis is based on the observation that the activity of Anonymous Sudan dwindled at the same time BlackMeta's activity increased. Both groups have been associated with pro-Palestinian hacktivist activities and have targeted similar geographic regions and sectors. Furthermore, BlackMeta appears to financially benefit from its "hacktivism" by offering an InfraShutdown DDoS attack service to other would-be attackers.