Posted on July 12, 2023 at 8:15 AM
Anonymous Sudan Claims Responsibility For A Major DDoS Attack Against AO3
Archive of Our Own (AO3), a Fanfiction platform, was targeted by several distributed denial-of-service (DDoS) attacks. These attacks took the website of the company offline for more than one day. The company first admitted to these DDoS attacks on July 10.
AO3 platform restored by a massive DDoS attacks
The AO3 platform first admitted to the outage on the official Twitter account of the company on July 10. The company later confirmed that the issue in question was attributed to a DDoS campaign. DDoS attacks are hacking campaigns where the threat actor overwhelms a server with much traffic, resulting in the servers going offline.
AO3 confirmed this malicious campaign in a tweet posted on Tuesday afternoon. While giving an update on the situation, the company confirmed that its operations had been restored but added that some work needed to be done to optimize the new Cloudflare setup at the company.
Shortly after the company confirmed that the site’s normal operations had been restored, some customers could still face issues accessing the site, with the load time being longer than what is normally reported.
The DDoS campaign was attributed to a hacker group known as Anonymous Sudan. This group is demanding a ransom to halt the ongoing operation. The company has also said that since DDoS campaigns do not affect private user data, there was no need for users to alter their passwords in response to this outage.
A spokesperson from the parent company of AO3, the Organization for Transformative Works, said that, at present, they had not been directly contracted by any threat actor group regarding the DDOS campaign. As such, the company could not confirm that the campaign was a result of a targeted campaign.
The company has also said that it does not have a timeline for the site being back online and when the normal load speeds would be restored. However, it noted that the improvements would be seen gradually, adding that the company’s cybersecurity department has continued to take measures to mitigate this attack.
Anonymous Sudan claims responsibility for the attack
A message that was posted by the company on the Telegram messaging service noted that the Anonymous Sudan hacktivist organization was behind this DDoS attack. Anonymous Sudan is ranked as a hacktivist organization in that it uses hacking campaigns to promote its ideologies. ‘
The hacker group has been affiliated with several DDoS campaigns. According to Flashpoint, the group has been active since January this year, and within six months, it has been behind massive DDoS campaigns targeting Microsoft. The group was linked to a DDoS campaign targeting Microsoft Azure services.
The Anonymous Sudan hacker group has also been attributed to several campaigns targeting companies across Europe. However, it appears as if this group does not have any verifiable affiliation with Sudan or the Anonymous group that operated in Sudan.
The Anonymous Sudan hacker group also appears to be conducting pro-Russian hacking campaigns, given its close ties with the Killnet hacking organization. Killnet is a pro-Russian hacker group that has been linked to several DDOS campaigns. The group usually targets Ukraine and the Western allies that have supported Ukraine in the ongoing war with Russia.
However, in the recent attack against AO3, the company claimed that the Anonymous Sudan hacker group is not behind the campaign. AO3 has said that the claims being made by the group might not be entirely accurate.
While acknowledging the attack, the platform had said that a hacker group that presented itself as a group of religious and politically motivated hackers had claimed responsibility for the hacking attack.
The company said that cybersecurity experts believed that the group claiming to be responsible for the attack was making false statements about its affiliation with the group and the reasons why it was attacking websites. The group has urged caution when viewing the statements made by the group.
The initial reports that were made by the Anonymous Sudan hacker group claimed that the hacking exploit would last for up to 24 hours. The group has also demanded a ransom of $30,000 from Anonymous Sudan and threatened that AO3 would continue to face issues if the company fails to pay the ransom.
The Organization for Transformative Works and the AO3 project might fail to pay this ransom, given that the company is supported by donations from users and depends on volunteers to operate. However, the threat posed by the hackers is yet to be determined.