Anonymous Sudan

Also known as: Anonymous Sudan, storm-1359

Since January 23, 2023, a threat actor identifying as “Anonymous Sudan” has been conducting denial of service (DDoS) attacks against multiple organizations in Sweden. This group claims to be “hacktivists,” politically motivated hackers from Sudan. According to Truesec’s report, the threat actor has nothing to do with the online activists collectively known as Anonymous.

🌍 Country Russia
🎯 Incident Type Denial of service

Targeted Victims

Denmark Sweden

Introduction

Since January 23, 2023, a threat actor identifying as “Anonymous Sudan” has been conducting denial of service (DDoS) attacks against multiple organizations in Sweden. This group claims to be “hacktivists,” politically motivated hackers from Sudan. According to Truesec’s report, the threat actor has nothing to do with the online activists collectively known as Anonymous.

Activities and Tactics

Country of Origin: 🇷🇺 Russia

Incident Type: [“Denial of service”]

Suspected Victims: Denmark, Sweden

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • FLASHFLOOD:
  • CyberGate:
  • Cyber Eye RAT:
  • GraphicBooting:
  • Archelaus Beta:
  • CrossRat:

Attribution and Evidence

Country of Origin: Russia Additional attribution information pending cataloguing.

References

References pending cataloguing.