Anonymous Sudan hacker group left a message on its Telegram channel suggesting that they will be launching cyber attacks on France.
The self-proclaimed hacktivist group made a reference to Kenya in the message on Telegram. There have been no new reports of any recent cyber attacks on France by Anonymous Sudan.
Anonymous Sudan to target France with cyber attacks
“The geo-political issues with Niger seem to be the reason why the country is likely to be targeted by the threat actor,” a tweet by Threat Intelligence Service Falcon Feeds noted.
However, this is not the first time the hacktivist group claimed to launch cyber attacks on France. Hospitals, educational institutions, media companies, and the communication industry in France were targeted by Anonymous Sudan in the past.
Due to the tension between Niger and France, Nigeriens have accused France of taking away their wealth and authorizing attacks on the presidential palace.
Recently, the coup took power to free President Mohamed Bazoum who remains untraceable presently.
Anonymous Sudan group likely took on the cause of Niger against France while it claimed to target European nations in the recent past.
“France, what are you doing? Do you want to invade Niger?,” read the message by Anonymous Sudan on Telegram on the cyber attack on France.
“We never like injustice,” concluded the Telegram threat from Anonymous Sudan to France.
Anonymous Sudan’s cyber attacks on France, Kenya
The threat about cyber attack on France comes days after an assault on Kenyan organisations.
Anonymous Sudan claimed cyber attacks on Kenya including the portal of M-Pesa, Kenya Power & Lighting Company, and the Kenya Revenue Authority. Anonymous Sudan threatened to launch large-scale cyber attacks on Kenya’s digital infrastructure.
In a Telegram message after allegedly launching cyber attacks on M-Pesa, the hackers wrote, “Also, we attacked M-PESA this morning and note that there are complaints on Twitter.” The group has been collaborating with other hackers to strengthen their army.
They announced collaborating with Skynet and using the Godzilla botnet for cyber attacks. Anonymous Sudan also showed support for the pro-Russian hacker group Killnet.
The group has been questioned over its intentions as they have been found using expensive tools for attacks. Researchers remain uncertain about the real motives of the hacker group that promises to be fighting for human rights.
This is also because Anonymous Sudan has worked with pro-Russian groups and targeted organizations in OpIsrael, OpSweden, and OpDenmark.
The hackers claimed to have targeted French airport portals, and medical institutions in March 2023. They accused France of humiliating Islam and its religious figure through cartoons. They also targeted Australian organizations in March.
Cyber attacks on France and NATO connection
Most of the cyber attacks launched by Anonymous Sudan were on NATO nations recently which includes pro-Ukrainian nations against the Russo-Ukrainian war.
The group has been known to often target organizations with DDoS attacks including the recent one on Microsoft.
The Microsoft cyber attack was claimed by Anonymous Sudan that impacted Microsoft Azure, Outlook, and OneDrive. They accessed large databases that had details of over 30 million email accounts.
They also tried to sell the data from Microsoft for $50,000.
In January, cybersecurity experts began expressing concerns about the emergence of a group called Anonymous Sudan.
Initially, researchers from TrueSec dismissed the group’s claims of affiliation with the Anonymous online activism collective and operating from Sudan.
Instead, they revealed that the group seemed to be part of a network of Russian hacktivist collectives like KillNet and UserSec. These groups collaborated closely to spread pro-Kremlin propaganda and target Ukraine’s allies in the West.
Anonymous Sudan: A contested origin
TrueSec uncovered several clues that exposed the true identity of Anonymous Sudan. For instance, the group’s use of the messaging app Telegram, which is popular among Russian hackers, was notable.
The app’s account associated with Anonymous Sudan was located in Russia, and the group had interacted with other Russian-linked hacktivists on the platform. Additionally, most of their posts on Telegram were in English and Russian, not Arabic.
The researchers also discovered that Anonymous Sudan had employed paid infrastructure in previous attacks, utilizing 61 servers to direct traffic and disrupt services. This indicated the involvement of a significant financier in their operations.
Mattias Wåhlén, a TrueSec threat intelligence expert, suggested that it was likely someone connected to the Russian government or President Vladimir Putin who financed Anonymous Sudan’s activities and paid KillNet for conducting the attacks.
In agreement with TrueSec’s findings, another cybersecurity firm named CyberCX published a recent report corroborating the assessment.
They also highlighted that while most hacktivists generally plan their actions in a semi-public manner online, Anonymous Sudan announced its targets abruptly as they were being targeted.
