The collective hacktivist group, Anonymous Sudan, has claimed responsibility for the distributed denial-of-service (DDoS) attack that struck Microsoft’s services. The group has been active since January this year and claimed they would target any country that shows opposition against Sudan.
However, some researchers believe the hacktivist group is a sub-group of the Russian-backed cybercriminal organisation called Killnet.
Microsoft denies the claims of Anonymous Sudan.
According to Microsoft, they did not suffer any data breach from the Anonymous Sudan hacktivist group. However, the company experienced severe outages for multiple services, including OneDrive file-sharing apps, cloud computing infrastructure Azure, and Outlook email.
Researchers explained that the attackers relied on access to several virtual private servers with rented cloud infrastructure, DDoS kits, and accessible proxies.
The massive IT company has yet to provide details about the outage, but newer investigations confirmed that it was targeted by distributed denial-of-service attacks. Last month, Microsoft spotted increased traffic against some services that temporarily affected their availability to its users.
Moreover, the company immediately launched an investigation and began tracking the threat actor’s ongoing DDoS activity. Furthermore, Microsoft follows Anonymous Sudan as the Storm-1359 group.
The company explained that they have yet to identify evidence that their customer data became subject to any heist or compromise. However, the Pro-Sudan hacktivist group announced they had stolen about 30 million of Microsoft’s customer accounts in their recent attack against the company.
Furthermore, the attackers revealed in one of their posts that they had successfully hacked Microsoft and had accessed an extensive database that includes millions of Microsoft accounts, emails, and passwords. Earlier this month, they also posted on Telegram that they are selling the entire database for $50,000.
The hacktivist group has then shared a sample of the alleged stolen information to make their offer legitimate to anyone willing to purchase the database.
The IT giant has yet to release a public statement to address Anonymous Sudan’s data breach claims. However, the effects of this attack on Microsoft could be significant if it turns out to be true.
