top of page

Hackers from Sudan Release Cyberattack to Force Elon Musk to Address Starlink Issue

On Tuesday morning, Anonymous Sudan, a hacking group, took X (formerly known as Twitter) offline in more than a dozen countries in an effort to force Elon Musk to roll out his Starlink service in their country. X experienced an outage that lasted for more than two hours, resulting in thousands of users being impacted. The hackers posted on Telegram with the aim of sending their message to Elon Musk: 'Open Starlink in Sudan'. X is the most recent sufferer of the collective of hackers who have been claiming to "further the interests of Sudan and Islam". The BBC engaged in a series of confidential talks with the hackers on the messaging platform Telegram over the course of a few weeks, in order to gain an insight into their methods and motivations. Crush, one of the members of the group, informed the BBC that their attack on Tuesday overloaded X's servers with a ton of traffic, causing it to go offline--methods which the gang is renowned for employing, being crude and not particularly advanced in nature. Downdetector indicated that over 20,000 reports of outages had been received from people located in the US and the UK, although the real number of those affected is likely to be considerably larger. Hofa, a member of a hacker collective, declared that the DDoS (Distributed Denial of Service) attack was meant to draw attention to the civil strife in Sudan, which has caused the internet to experience frequent outages. X has not made any acknowledgement of the disruption caused, and Mr Musk has declined to answer inquiries about launching his satellite internet service in Sudan. Anonymity has been attributed to Sudan by many in the cyber-security sector, suggesting that it is actually a Russian cyber-military unit clandestinely causing cyber-disturbance on the Kremlin's behalf while claiming to be a foreign hacktivist collective. This theory is based on the online backing of Russian President Vladimir Putin and a perceived congruency of aims with other cyber-criminal groups in Russia. The criminal group has maintained its innocence in regards to being Russian, and for the first time has provided the BBC with evidence that it is situated in Sudan. Crush, the main figurehead and core element of the group, posted his location in the Telegram application as confirmation. Crush and Hofa supplied images of their Sudanese passports, along with screenshots implying they are in Sudan. It took weeks of discussion with multiple sources, the BBC and a cyber-security expert, Intel Cocktail, for there to be no evidence of the hackers falsifying their claims. Crush noted that the aim of their long-term plan was to demonstrate to the world that Sudanese individuals, even if not abundant in resources, are proficient in diverse fields. In June, a message was posted by the gang expressing their backing for the Russian government in order to put a stop to the Wagner forces' unrest. Nevertheless, Crush stated that "a similar event took place in our nation and the Russians backed us, so we felt the need to offer them our help in return," alluding to Russia's aid to the Sudanese government in its struggle against the ongoing civil war. He maintains that their collective consists of a "modest quantity" of Sudanese hackers who are conducting the attacks from the nation even with frequent internet interruptions. Since its emergence in January, Anonymous Sudan has managed to interfere with multiple organisations and government web services from France, Nigeria, Israel and the United States. For the past month, Kenya has been the target of the gang's attacks, with accusations that the country's government is "interfering in Sudanese matters". A severe attack was launched on the country's eCitizen portal, which the public employ to gain access to over 5,000 government services, resulting in rampant disruption. When asked about the effects on people, Crush justified the actions and stated: "The goal of striking infrastructure is to send a message to both the nation and its leaders. We do have certain limits, i.e., if our attacks cause a great deal of civilian casualties." The group has also made unsuccessful attempts to target hospitals. The gang states they are engaging in these unlawful assaults to "protect the reality, Islam and Sudan", however on no less than two events they have additionally attempted to blackmail casualties for Bitcoin. It has also focused on websites such as OnlyFans, Tumblr and Reddit, claiming that they support what it identifies as "inappropriate content and other LGBTQ+ matters". In June, the hackers rejoiced at the US cyber-authority's announcement of a series of assaults on American entities, cautioning that such incidents “can result in delays, financial losses, and damage to reputation during times when services and resources are unavailable.” In June, the group triggered its most prominent attack, which caused a disruption of Microsoft services, such as Outlook and OneDrive. Microsoft had to create a document providing guidance to customers on how to prevent their systems from being affected by the group.

Comments


bottom of page