Microsoft Azure, Outlook DDoS attacks linked to Anonymous Sudan

Share post:

Microsoft has confirmed that recent disruptions to its Azure, Outlook, and OneDrive web portals were the result of Layer 7 DDoS attacks carried out by the threat actor Storm-1359, who goes by the name Anonymous Sudan.

Layer 7 DDoS attacks focus on overwhelming the application layer by bombarding services with an overwhelming volume of requests, causing the services to become unresponsive. Anonymous Sudan, also known as Storm-1359, employs three specific types of Layer 7 DDoS attacks: HTTP(S) flood attacks, Cache bypass, and Slowloris. Each method aims to exhaust the web service’s available connections, rendering it unable to accept new requests.

The attacks began in early June 2023, and targeted Microsoft’s web-accessible portals for Outlook, Azure, and OneDrive. Anonymous Sudan demanded a payment of $1 million to cease the attacks.

Microsoft revealed that the attackers likely employed multiple virtual private servers (VPS), rented cloud infrastructure, open proxies, and DDoS tools to carry out the attacks. However, there is no evidence to suggest that customer data was compromised during these incidents.

The group claimed that their attacks on Outlook were in response to the United States’ involvement in Sudanese politics. However, some cybersecurity researchers suspect that this claim may be a false flag, suggesting a potential connection between the group and Russia.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

A new MacOS attack from malware-as-a-service

Cado Security recently exposed a new macOS-targeted malware known as "Cthulhu Stealer," which operates as malware-as-a-service (MaaS). The...

Crowdstrike criticizes competitors who are taking advantage of the

CrowdStrike’s president, Michael Sentonas, has strongly criticized competitors for taking advantage of the company’s recent IT outage to...

Toyota confirms leak of 240GB of sensitive data in recent hack

Toyota recently confirmed a significant data breach after 240GB of sensitive information, including employee and customer data, was...

Ransomware payments reach record levels in 2024

Ransomware has become increasingly profitable in 2024, with cybercriminals collecting a staggering $459.8 million in ransom payments during...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways