Anonymous Sudan launched more than 35,000 attacks in one year, according to Europol. Photo: Shutterstock

Information provided by the Luxembourg authorities has enabled the US authorities to arrest two Sudanese nationals involved in Anonymous Sudan, a major cybercrime network specialising in distributed denial of service (DDoS) attacks.

Following an international investigation conducted in several countries, two Sudanese nationals were charged this week in the United States for their involvement in a major cybercrime network, Anonymous Sudan, which specialises in distributed denial of service (DDoS) attacks.

While the group claims to be based in Sudan and to be targeting so-called "anti-Muslim activities", its true origins remain unclear, and it has no connection with the well-known online activist group Anonymous. Threat researchers have also identified possible logistical and ideological links to the pro-Russian Killnet network.

Anonymous Sudan is suspected of participating in the series of cyber attacks that targeted Luxembourg in mid-March, following the visit of Ukrainian cabinet ministers. Other victims of the group's attacks include government targets and important infrastructure around the world, among them the US Department of Justice, the US Department of Defence, the FBI and the US State Department, as well as organisations and governments in Europe.

Anonymous Sudan has launched more than 35,000 DDoS attacks in about a year, causing more than $10 million in damage to victims in the United States alone.

Role of the Luxembourg authorities

The Swedish, Luxembourg and French authorities, as well as the European Union Agency for Cyber Security (Enisa) and the European Investment Bank, provided crucial intelligence that helped to understand how the criminal group operated and where its technical infrastructure was located. This information, shared with Europol and the US authorities, facilitated their investigation.

The authorities did not stop at tracking down the individuals behind Anonymous Sudan. They also targeted the IT infrastructure that enabled the criminals to carry out their attacks. In March 2024, the FBI obtained seizure warrants to neutralise the group's powerful DDoS tool.

Specifically, the warrants authorised the seizure of the computer servers that launched and controlled the attacks, the servers that relayed the attack orders and the accounts containing the source code for the DDoS tools used by Anonymous Sudan.
