Campaigns
Anonymous Sudan Continues to Attack

Anonymous Sudan Continues to Attack

KillnetAnonymousSudan
The world of cyberattacks continues to evolve with the emergence of new hacktivist groups that target different countries for various political reasons. One such group that has been making headlines is KillNet Anonymous Sudan, which is affiliated with the pro-Russian hacktivist group KillNet.

Indicators of Compromise

secnoticeview.do
w32.00ab15b194-95.sbx.tg
bafybeig4warxkemgy6mdzooxeeuglstk6idtz5dinm7yayeazximd3azai.ipfs.w3s.link
strivemktsupporters.com
85.lp.ret.sbx.tg
secinfoview.do
client.smscredit.lv
40gmail.com

APT Groups2

KillnetRussian Federation
Anonymous Sudan

Campaign Guidance

Remediation, mitigation, notes, history and related intelligence

REMEDIATIONS
  • To prevent attacks by Anonymous Sudan, it is recommended to have a continuous information feed to stay up to date with the latest trends and threats in the cyber warfare world. 
  • In terms of DDoS, blocking all known indicators of compromise (IOCs) of the group, verifying anti-DDoS configuration, having anti-DDoS solutions, monitoring ISP lines, and having a secondary ISP line as a redundancy option are suggested.
  • As for websites, it is advised to make sure the site infrastructure is up to date with the latest patches, scan the site for vulnerabilities, verify the WAF service or appliance is updated with the latest signatures, and monitor the site for suspicious behavior while having it evaluated from a security standpoint.
  • Anonymous Sudan and other hacktivist groups have been known to cause disruptions with their attacks. It is essential to stay up to date with the latest security measures and take proactive steps to protect sensitive data and systems.

Reports & References1

Observed Countries6

AU (364)
DE (439)
GB (194)
TR (567)
UA (556)
US (230)