Speculations arise about potential ties between Anonymous Sudan and other geopolitical entities, raising cybersecurity concerns.
OpenAI has been managing “periodic outages” caused by recent Distributed Denial-of-Service (DDoS) attacks on its API and ChatGPT services in the past 24 hours. Although the company hasn’t immediately revealed the specific cause, OpenAI confirmed today that these incidents are a result of ongoing DDoS attacks.
In an update to an incident report released 11 hours ago, OpenAI acknowledged, “We are contending with intermittent outages due to an abnormal traffic pattern indicative of a DDoS attack. We are actively working to mitigate this issue.” Users encountering these problems see “something seems to have gone wrong” errors, with ChatGPT displaying “There was an error generating a response” for their queries.
These occurrences follow the company’s response to a previous significant outage of ChatGPT, which also disrupted its Application Programming Interface (API) on Wednesday, as well as partial ChatGPT outages on Tuesday and elevated error rates with DALL-E on Monday.
A banner displayed on ChatGPT’s interface during the incident yesterday warned users, “We’re experiencing exceptionally high demand. Please bear with us as we focus on scaling our systems.”
Impact of DDoS Attacks on Affected Services
OpenAI hasn’t attributed these DDoS attacks yet, but a group called Anonymous Sudan claimed responsibility for them on Wednesday. They alleged that OpenAI’s bias towards Israel over Palestine was the reason behind the attacks.
On their Telegram channel, the attackers stated, “CHATGPT link completely dead now worldwide, thousands of reports on Twitter and social media, let’s see if they will admit it’s a DDoS attack.”
The group confirmed using the SkyNet botnet in these assaults, which has been offering stresser services since October and recently added support for Layer 7 (L7) DDoS attacks targeting the application layer.
Layer 7 DDoS attacks overwhelm services by bombarding the application level with an extensive volume of requests, causing service disruptions due to the inability to process them all. These attacks significantly strain server and network resources, unlike reflection-based volumetric DNS amplification network layer attacks that focus on consuming bandwidth.
In June, Anonymous Sudan reportedly targeted Microsoft’s Outlook.com, OneDrive, and Azure Portal in Layer 7 DDoS attacks. Microsoft acknowledged these claims and referred to the group’s activity as Storm-1359. The company highlighted three types of Layer 7 DDoS attacks utilized by Anonymous Sudan: HTTP(S) flood attacks, Cache bypass, and Slowloris.
Anonymous Sudan emerged in January 2023, announcing their intent to target entities opposing Sudan. Their subsequent attacks targeted global organizations and government agencies, causing disruptions to web-facing infrastructure.
Nevertheless, some cybersecurity researchers suspect a false flag operation and suggest potential links between the group and Russia.
