Share this article on:
Anonymous Sudan, the hacktivist group responsible for taking down a number of major websites of late, has claimed responsibility for a distributed denial-of-service (DDoS) attack on PayPal.
According to a Telegram message supposedly from the hacking group, Anonymous Sudan has launched a “test attack” against PayPal and has said that it would be ramping up future attacks, particularly against organisations in the United Arab Emirates (UAE).
The supposed test attack against PayPal, which lasted only 30 seconds, led to an error message appearing on the online payment service, saying “user reports indicate problems at PayPal”.
Anonymous Sudan quickly followed the attack with a Telegram post, saying: “PayPal, we have an appointment with you soon.”
Backing its promise to launch a series of attacks on UAE-based organisations, the hacktivist group has reportedly claimed a number of subsequent attacks on websites in the region, including the Dubai Electricity and Water Authority and the UAE government portal.
It has also said that it plans to specifically target sites that use PayPal and will attack US sites as well.
The hacktivist group has ramped up activity in recent months, claiming to have launched a number of major attacks on organisations such as Microsoft, Reddit and, most recently, downed the Archive of our Own (AO3) fan fiction website.
According to researchers at the Australian cyber security firm CyberCX, Anonymous Sudan is named after a legitimate hacktivist group of the same name. Whereas the real Anonymous Sudan – which was a “loose hacking collective” – began its operations in 2019, the newer group started posting on its Telegram channel in January 2023.
As far as CyberCX can confirm, the two groups do not share any members, and Anonymous itself has distanced itself from the current group calling itself Anonymous Sudan. The group also originally posted only in Russian or English and only began to use Arabic in its communications once observers began to question the providence of the group.
The group claims to have links with a number of other hacking groups, such as REvil and Killnet, and uses the connections to launch large DDoS attacks on organisations that they see as anti-Islamic.
In the case of AO3, Anonymous Sudan said it attacked the fan-fiction site as it was against “all forms of degeneracy, and the site is full of disgusting smuts and other LGBTQ+ and NSFW things”.
The group is believed to be small, but cyber security experts have speculated that it is backed by the Russian state.
Adding to this theory is that the original Anonymous Sudan was pro-Ukraine and anti-Russia, while the new group of the same name is vocally pro-Russian.
CyberCX has also identified that the group pays to use infrastructure to launch its favoured cyber weapon – the DDoS attack.
“Based on the identifiable aspects of proxy infrastructure we observed, we assess that Anonymous Sudan’s proxy infrastructure is likely to cost at least AU $4,000 per month of usage,” CyberCX wrote.
The most recent attack on PayPal is not the first even this year, with the payment gateway organisation notifying 35,000 users that hackers had been attempting to steal login data through brute force attacks.
Prior to that, a hacking group that gained access to PayPal’s systems led to a data breach in December last year.