[IsraelTimes] Ahmed and Alaa Omer are detained in unspecified country, were interrogated by FBI for allegedly running cybercrime collective Anonymous Sudan; Allegedly also targeted Iron Dome
The United States has indicted two Sudanese brothers linked to cyberattacks on early warning systems in Israel during the Hamas
...not a terrorist organization, even though it kidnaps people, holds hostages, and tries to negotiate by executing them,...
onslaught on October 7, 2023, and other attacks in Israel, the US and Europe, The New York Times

...which still proudly claims Walter Duranty's Pulitzer prize...
reported Friday.
They had also claimed to have targeted Israel’s Iron Dome missile defense in an incident several months before the Gazoo
...Hellhole adjunct to Israel and Egypt's Sinai Peninsula, inhabited by Gazooks. The place was acquired in the wake of the 1967 War and then presented to Paleostinian control in 2006 by Ariel Sharon, who had entered his dotage. It is currently ruled with a rusty iron fist by Hamas with about the living conditions you'd expect. It periodically attacks the Hated Zionist Entity whenever Iran needs a ruckus created or the hard boyz get bored, getting thumped by the IDF in return. The ruling turbans then wave the bloody shirt and holler loudly about oppression and disproportionate response ...
war started, that saw several Hamas rockets evade the interceptors in one incident.
Sudanese
...a Moslem country located in the Horn of Africa. It is noted for its affinity for rule by ex- or current generals, its holy men, and for the oppression of the native Afro population by its Arab conquerors. South Sudan, populated mostly by the natives, split off from Sudan proper, which left North and South Darfur to be oppressed by the guys with turbans...
nationals Ahmed and Alaa Omer are accused of running the cybercriminal collective Anonymous Sudan, which struck two online Israeli applications that give alerts of danger. The apps were third-party warning systems and not the official IDF Home Front Command warning system.
The attack is said to have come 30 minutes after Hamas-led faceless myrmidons breached the border with Israel to kill nearly 1,200 people and take 251 hostages, but the indictment against the brothers does not indicate if they were coordinated with Hamas.
The assault on the border coincided with Hamas launching several thousand rockets into Israel.
A representative of one of the applications, "Tzofar — Red Alert," which alerts Israelis that they need to head to bomb shelters amid incoming rockets, confirmed to the Times that the company’s website had been targeted during the onslaught, but said the mobile app continued to work.
"We are currently targeting some critical endpoints in the alert systems of Israel," Anonymous Sudan posted to its Telegram channel on October 7. "Glory to the Paleostinian Resistance®, we are with you."
In February, Anonymous Sudan also targeted critical computer systems at Cedars-Sinai Medical Center, a Jewish hospital in Los Angeles, the Times said.
"Bomb our hospitals in Gaza, we shut down yours too, eye for eye," the brothers were said to have written on Telegram. Throughout the war in Gaza, Israel has struck several hospital compounds where it says Hamas has embedded itself.
The brothers were arrested and are in jug in an unspecified country, where they have been interrogated by the FBI, the Times said, adding that it was unclear if they would be extradited to the US.
Their attacks were potentially so life-threatening that Ahmed Omer could face life in prison for one of the charges against him — the first time a cybercrime would carry such a penalty, the Times said, citing E. Martin Estrada, the US attorney for the central district of Caliphornia (an impregnable bastion of the Democratic Party), who handled the indictment.
"When you’re attacking hospitals, you’re putting lives in jeopardy, and this one certainly put lives in jeopardy," Estrada said.
Anonymous Sudan has launched some 35,000 DDoS — distributed denial of service — attacks since it emerged on Telegram in January 2023, the Times said.
The newspaper cited Ian Gray, vice president of cybersecurity firm Flashpoint, as saying Anonymous Sudan has interacted with pro-Kremlin hacker groups linked to Russia’s security services.
The interaction "appears to be ideological and not based on national origin," Gray said, noting that Anonymous Sudan’s Arabic-language Telegram messages indicate it subscribes to a pan-Islamist ideology.
Anonymous Sudan has targeted the websites of several media organizations, including CNN
...formerly the Cable News Network, now who knows what it might stand for...
and The Washington Post, as well as Israel’s High Court and the Haifa port.
In May 2023 during a flare-up, Anonymous Sudan targeted the Iron Dome missile defense system, allowing 16 rockets, a larger-than-usual number, to cross into Israel from Gaza, the Times said, citing Flashpoint.
Despite the claims of the group and Flashpoint, it is considered highly unlikely that they managed to affect or infiltrate the military Iron Dome system.
While most of the rockets landed in open areas, meaning they would not have triggered an interception attempt, a number of them impacted populated areas of Sderot, including one projectile that hit a work site, injuring a foreign national there.
The military later said Iron Dome had suffered a technical malfunction, which was quickly resolved. Despite Anonymous Sudan’s claims, Iron Dome’s ability to track and intercept projectiles is considered incredibly unlikely to be linked in any meaningful way to the state-run early warning system, nor any third-party application created by a private developer.
At the time, Anonymous Sudan warned on Telegram that it would coordinate with Hamas on future attacks.
"We are now playing with Israel again," the group wrote. "The strong strikes will be when there is a missile attack from Gaza."
Excerpts from the Justice Department’s press release: Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World
A federal grand jury indictment unsealed today charges two Sudanese nationals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world.
In March 2024, pursuant to court-authorized seizure warrants, the U.S. Attorney’s Office and FBI seized and disabled Anonymous Sudan’s powerful DDoS tool, which the group allegedly used to perform DDoS attacks, and sold as a service to other criminal actors.
Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, were both charged with one count of conspiracy to damage protected computers. Ahmed Salah was also charged with three counts of damaging protected computers.
According to the indictment and a criminal complaint also unsealed today, since early 2023, the Anonymous Sudan actors and their customers have used the group’s Distributed Cloud Attack Tool (DCAT) to conduct destructive DDoS attacks and publicly claim credit for them. In approximately one year of operation, Anonymous Sudan’s DDoS tool was used to launch over 35,000 DDoS attacks, including at least 70 targeting computers in the greater Los Angeles area.
Victims of the attacks include sensitive government and critical infrastructure targets within the United States and around the world, including the Department of Justice, the Department of Defense, the FBI, the State Department, Cedars-Sinai Medical Center in Los Angeles, and government websites for the state of Alabama. Victims also included major U.S. technology platforms, including Microsoft Corp. and Riot Games Inc., and network service providers. The attacks resulted in reported network outages affecting thousands of customers.
Anonymous Sudan’s DDoS attacks, which at times lasted several days, caused damage to the victims’ websites and networks, often rendering them inaccessible or inoperable, resulting in significant damages. For example, Anonymous Sudan’s DDoS attacks shuttered the emergency department at Cedars-Sinai Medical Center, causing incoming patients to be redirected to other medical facilities for approximately eight hours. Anonymous Sudan’s attacks have caused more than $10 million in damages to U.S. victims.
The March 2024 disruption of Anonymous Sudan’s DCAT tool, called variously “Godzilla,” “Skynet,” and “InfraShutdown,” was accomplished through the court-authorized seizure of its key components. Specifically, the warrants authorized the seizures of computer servers that launched and controlled the DDoS attacks, computer servers that relayed attack commands to a broader network of attack computers, and accounts containing the source code for the DDoS tools used by Anonymous Sudan.
If convicted of all charges, Ahmed Salah would face a statutory maximum sentence of life in federal prison, and Alaa Salah would face a statutory maximum sentence of five years in federal prison.
Related: Axios weighs in here.