October 17, 2024 at 05:24AM
Federal prosecutors charged two Sudanese brothers for operating a DDoS botnet, conducting 35,000 attacks, including on Microsoft. Their tool, linked to Anonymous Sudan, targeted critical infrastructure globally. If convicted, one brother faces life imprisonment. Law enforcement dismantled the botnet as part of coordinated action against cybercrime.
### Meeting Notes Takeaways
1. **Charges Against Sudanese Brothers**:
– Ahmed Salah Yousif Omer (22) and Alaa Salah Yusuuf Omer (27) have been charged by U.S. federal prosecutors for operating a DDoS botnet that facilitated 35,000 attacks in one year, including attacks on Microsoft services in June 2023.
2. **DDoS Attacks Overview**:
– The group, known as Anonymous Sudan, targeted critical infrastructure, corporate networks, and government agencies worldwide, with significant damages reported (> $10 million to U.S. victims).
3. **Legal Implications**:
– Ahmed Salah faces a potential life sentence, while Alaa Salah could receive a maximum of five years if convicted on all charges.
4. **DDoS Tool and Seizure**:
– The distributed denial-of-service tool, referred to as DCAT, which was offered for hire, has been disabled as of March 2024. Key components of the tool were seized during law enforcement operations aimed at dismantling DDoS-for-hire services.
5. **Operation PowerOFF**:
– The arrests and seizures were part of Operation PowerOFF, an international effort to combat DDoS cyber crimes.
6. **Related Developments**:
– Finnish Customs disrupted the Sipulitie darknet marketplace, linking it to drug sales and tallying revenues at approximately 1.3 million euros.
– Brazil’s Federal Police arrested an individual suspected of hacking and leaking sensitive data, including information on 80,000 InfraGard members.
7. **Anonymous Sudan Activities**:
– Initially part of a pro-Russian hacktivist campaign, the group later executed DDoS attacks with motivations tied to religious and nationalist ideologies. They collaborated with other hacktivist groups.
8. **Financial Aspects**:
– DDoS attack services were marketed at rates of $100 per day, $600 per week, and $1,700 per month, allowing customers to conduct up to 100 attacks daily.
This summary encapsulates key points about the charges against the brothers, implications of their actions, related international law enforcement activities, and the operational details of the criminal enterprises engaged in DDoS attacks.