Who Is Anonymous Sudan? The Threat Actors Behind The ChatGPT Hack

Posted by Timige, On 12 Nov, 2023 | Updated On 12 Nov, 2023 No Comments »


OpenAI suggested that the significant outages on November 8, experienced by users across ChatGPT and the application programming interface, were caused by a suspected distributed denial-of-service attack, and a group calling itself Anonymous Sudan has claimed responsibility.

In a Telegram channel posting, the hackers claimed the attack was due to ChatGPT having “a general biasness towards Israel and against Palestine.” Although OpenAI has yet comment on any attribution for the alleged DDoS attack, Anonymous Sudan is known to favor such attacks against perceived enemies. The Telegram posting accused OpenAI of cooperating with the “occupation state of Israel,” and went on to claim that “AI is now being used in the development of weapons and by intelligence agencies like Mossad.” The hacktivist group added that it will target any American company and said that Israel is employing AI “to further oppress the Palestinians.”

Who Is Anonymous Sudan?

According to Trustwave SpiderLabs researchers, Anonymous Sudan is likely a sub-group of the pro-Russian Killnet threat group. There appears little if any evidence that the group is financially motivated, and the targets appear to mostly be those that Russia also opposes. The main Anonymous operations groups, such as they are these days, have disavowed any connection with Anonymous Sudan, the researchers say.

11/10 update: Heather Choi, an application security engineer at LogRhythm, adds to the evidence suggesting that Anonymous Sudan is affiliated with Killnet. “Since launching in January of 2023, Anonymous Sudan has claimed attacks across industries, targeting global organizations and agencies.,” Choi says. It has been reported that, between January 1 and June 20, the threat actors accounted for 63% of DDoS attacks attributed to KillNet.

“While the attacks accredited to this group are often viewed as being politically or religiously motivated,” Ian Nicholson, the incident response head at Pentest People, says, “there are also instances where this adversary has conducted attacks as a form of retaliation against messaging services which have restricted their communications.”

ChatGPT DDoS Timeline

After users started complaining of ChatGPT being down, an OpenAI incident report was posted at 12:03 PST on November 8, which said the issue was being investigated.

Within 40 minutes, an additional posting to that incident report said that a fix had been implemented and that OpenAI was monitoring the results.

Unfortunately, the results weren’t that positive, as a further update with a 17:23 PST timestamp noted that “periodic outages” were still being experienced.

At 19:49 PST, OpenAI confirmed, “We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.”

Source: Defence and Security

Do you have question or opinion about this post? Make it in the comment below.

Please Share with Your Friends/Followers

Get Current with Nigeria, Subscribe Now!

We'll never share your email with anyone else.

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment moderation is enabled. Your comment may take some time to appear.