On October 16, 2024, a federal grand jury unsealed an indictment against two Sudanese brothers, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, charging them with running a cyberattack-for-hire group called “Anonymous Sudan.” This group was responsible for carrying out 35,000 denial-of-service attacks against hundreds of organizations, including high-profile victims such as Microsoft, ChatGPT, PayPal, and more.
The brothers allegedly targeted a wide range of organizations worldwide, including governmental and private entities in the U.S., Netherlands, Bahrain, United Arab Emirates, Chad, Israel, and the U.K. The attacks were described as being motivated by a “Sudanese nationalist ideology” and were carried out for financial gain, with customers paying $600 or less for major cyberattacks.
According to prosecutors, Ahmed Salah was responsible for creating the infrastructure for the DDoS attacks, while Alaa Salah provided computer code and programming support. The group operated through Telegram channels, boasting up to 80,000 subscribers at one point and causing over $10 million in damages to victims in the U.S.
The indictment charged the brothers with conspiracy to damage protected computers, with additional charges for Ahmed Salah related to damaging protected computers. If convicted, Ahmed Salah could face a maximum sentence of life in prison, particularly for the attack on Cedars-Sinai hospital, which disrupted emergency services and endangered patients’ lives.
The FBI played a crucial role in disabling the group’s attack platform, the Distributed Cloud Attack Tool (DCAT), which was used to conduct devastating DDoS attacks. Special Agent in Charge Rebecca Day emphasized the FBI’s commitment to combating cybercrime and defending global cybersecurity.
Both brothers were arrested abroad in March and have been in custody since then, with potential extradition to the U.S. being considered. If found guilty, this case would mark the first cybercrime conviction tied to physical harm in the U.S., highlighting the serious consequences of engaging in malicious cyber activities.
