17 October 2024

US authorities charge Sudanese brothers linked to Anonymous Sudan DDoS operation



US authorities have indicted two Sudanese nationals for their involvement in Anonymous Sudan, a notorious group responsible for a widespread distributed-denial-of-service (DDoS) attack network.

The two brothers, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, were charged with conspiracy to damage protected computers, with Ahmed Salah facing additional charges for damaging protected computers. If convicted, Ahmed Salah could face a life sentence, while Alaa Salah faces up to five years in prison.

Anonymous Sudan, linked to ideologically motivated cyberattacks, carried out numerous DDoS attacks targeting multiple US and international organizations. Among their high-profile victims were the US Department of Justice, the Department of Defense, the Federal Bureau of Investigation (FBI), and the State Department, along with technology platforms and critical infrastructure providers.

The group’s attacks, designed to cripple websites and networks, have caused millions in damages, including disrupting the emergency department at Cedars-Sinai Medical Center for eight hours, forcing the redirection of incoming patients.

Over the past year, the group’s Distributed Cloud Attack Tool (DCAT), also known as "Godzilla," "Skynet," and "InfraShutdown," was used to conduct over 35,000 DDoS attacks, causing over $10 million in damages to US-based victims alone.

The FBI, in coordination with other agencies, seized the group’s core servers and disabled the tool in March 2024, effectively neutralizing the group’s ability to launch future attacks.

Anonymous Sudan not only orchestrated the attacks but also marketed their DDoS tool as a service to other cybercriminal actors.

In the meantime, Brazil's Federal Police have arrested a notorious hacker known as USDoD, allegedly behind multiple high-profile cyberattacks, including breaches affecting the FBI and Airbus.

USDoD is suspected of selling and disclosing sensitive data, including a breach in December 2022 of the FBI's InfraGard platform, which exposed personal information of 80,000 members involved in critical US infrastructure. In another attack, USDoD leaked details of 3,200 Airbus vendors. The hacker also accessed 2.9 billion private records from US-based data broker National Public Data, causing the company to file for bankruptcy.

The news follows an announcement from Finnish authorities about the takedown of the dark web drug marketplace Sipulitie, including its servers and contents. Sipulitie, active since 2023, was used for anonymous drug sales and other criminal activities. Authorities believe the same individual who ran Sipulimarket, which was busted in 2020, was behind Sipulitie. The authorities also shut down Tsätti, a chat-based drug sale site that had been operational since 2022 and is believed to be operated by the same individual.
