View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Anonymous Sudan claims it hit PayPal with ‘warning’ DDoS cyberattack

The hacktivists claim they will use PayPal to take on organisations in the US and UAE.

By Ryan Morrison

Hacktivist group Anonymous Sudan claims to have launched a “test attack” against PayPal. A Telegram message purporting to be from the cybercrime group warned it would ramp up attacks against organisations, including those in the UAE, utilising its favoured Distributed Denial of Service (DDoS) method. It has since been reported that a number of UAE websites have been attacked by the group including the government portal and Dubai Electricity

The hacking group Anonymous Sudan claims it will use PayPal in its next round of attacks on organisations (Photo: BigTunaOnline / Shutterstock)
The hacking group Anonymous Sudan claims it will use PayPal in its next round of attacks on organisations. (Photo by BigTunaOnline/Shutterstock)

During its test attack on PayPal, which lasted 30 seconds, the group claims it had the online payment gateway displaying an error message. The message is reported to have said “user reports indicate problems at PayPal”. In a post shared to Telegram, the group wrote “PayPal, we have an appointment with you soon.”

Since the PayPal claim was published there have been reports of a series of attacks on websites in the UAE by Anonymous Sudan. This includes those against the UAE Government Portal and the Dubai Electricity and Water Authority. The group warns they will also attack US sites and specifically target organisations using PayPal.

The same group were recently responsible for downing the popular fan fiction website Archive of our Own (AO3) with a DDoS cyberattack. The group, which also claimed on Monday to have disabled Reddit with a similar attack for two hours, said at the time that it was taking action against the site because of the nature of the content it features. 

Anonymous Sudan claims to be working with other hacker groups including KillNet and Revil to roll out larger attacks including DDoS attacks. The hacktivists claim their work is to target and fight against anti-Islamic sentiments, but there is speculation they are backed by Russian state-controlled groups. 

Questions over origin of Anonymous Sudan

During the attack on AO3, Anonymous Sudan wrote that the attack was because they are against “all forms of degeneracy, and the site is full of disgusting smuts and other LGBTQ+ and NSFW things”. It said on Telegram it would continue to target the site if it came back online and could “bypass any detection you put”.

Cybersecurity experts have suggested it might actually simply be posing as an anti-Islamic group, but is in reality a Russian hacking gang causing trouble for Moscow’s enemies. AO3 admins wrote during the attack that “cybersecurity experts believe the group claiming responsibility is lying about their affiliation and reasons for attacking websites”, explaining the site does not condone anti-Muslim sentiments under any circumstances.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

A report by security company Flashpoint also points to Anonymous Sudan as a “state-sponsored Russian” group that is simply masquerading as Sudanese actors with an Islamic motivation. Their targets to date also support this theory including a DDoS attack on Microsoft that took Office 365 offline for several hours. It has also threatened DDoS attacks against European banks and the SWIFT payment system, although no evidence of those attacks has materialised.

The most recent alleged attack against PayPal wouldn’t be the first. Earlier this year the company notified 35,000 users that there had been brute force attacks to steal login data. It also had a data leak in December last year after another group gained unauthorised access to the system.

Read more: PayPal faces German probe over ‘unfair’ business practices

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.