Hacktivist group Anonymous Sudan claims to have launched a “test attack” against PayPal. A Telegram message purporting to be from the cybercrime group warned it would ramp up attacks against organisations, including those in the UAE, utilising its favoured Distributed Denial of Service (DDoS) method. It has since been reported that a number of UAE websites have been attacked by the group including the government portal and Dubai Electricity
During its test attack on PayPal, which lasted 30 seconds, the group claims it had the online payment gateway displaying an error message. The message is reported to have said “user reports indicate problems at PayPal”. In a post shared to Telegram, the group wrote “PayPal, we have an appointment with you soon.”
Since the PayPal claim was published there have been reports of a series of attacks on websites in the UAE by Anonymous Sudan. This includes those against the UAE Government Portal and the Dubai Electricity and Water Authority. The group warns they will also attack US sites and specifically target organisations using PayPal.
The same group were recently responsible for downing the popular fan fiction website Archive of Our Own (AO3) with a DDoS cyberattack. The group, which also claimed on Monday to have disabled Reddit with a similar attack for two hours, said at the time that it was taking action against the site because of the nature of the content it features.
Anonymous Sudan claims to be working with other hacker groups, including KillNet and REvil, to roll out larger attacks, including DDoS attacks. The hacktivists claim their work is to target and fight against anti-Islamic sentiments, but there is speculation they are backed by Russian state-controlled groups.
Questions over origin of Anonymous Sudan
During the attack on AO3, Anonymous Sudan wrote that the attack was because they are against “all forms of degeneracy, and the site is full of disgusting smuts and other LGBTQ+ and NSFW things”. It said on Telegram it would continue to target the site if it came back online and could “bypass any detection you put”.
Cybersecurity experts have suggested it might simply be posing as a group fighting anti-Islamic sentiment, but is in reality a Russian hacking gang causing trouble for Moscow’s enemies. AO3 admins wrote during the attack that “cybersecurity experts believe the group claiming responsibility is lying about their affiliation and reasons for attacking websites”, explaining the site does not condone anti-Muslim sentiments under any circumstances.
A report by security company Flashpoint also points to Anonymous Sudan as a “state-sponsored Russian” group that is simply masquerading as Sudanese actors with an Islamic motivation. Its targets to date also support this theory, including a DDoS attack on Microsoft that took Office 365 offline for several hours. The group has also threatened DDoS attacks against European banks and the SWIFT payment system, although no evidence of those attacks has materialised.
The most recent alleged attack against PayPal wouldn’t be the first. Earlier this year the company notified 35,000 users that there had been brute force attacks to steal login data. It also had a data leak in December last year after another group gained unauthorised access to the system.