Microsoft Azure, Outlook and OneDrive outages due to Anonymous Sudan DDoS attacks

DDoS attacks by Anonymous Sudan

Microsoft representatives have confirmed that Layer 7 DDoS attacks by Anonymous Sudan were the cause of the recent outages in the Azure, Outlook, and OneDrive portals.

The company attributes these attacks to the Storm-1359 group, which identifies itself as “Anonymous Sudan”.

It is worth noting that we previously reported that one in every five Russian citizens aspires to become a hacker, and also that Russian Hackers Utilize Passion DDoS Platform to Target Medical Facilities.


Service disruptions were observed in early June 2023. According to Bleeping Computer, was attacked on June 7, OneDrive on June 8, and the Microsoft Azure portal on June 9.

Although Microsoft did not officially report DDoS attacks at the time, it was evident that they were the cause, as the company stated that load balancing processes were implemented to mitigate the issue.

The attacks were claimed by the group Anonymous Sudan, which stated that the purpose was to protest US interference in Sudan’s internal affairs.

We have the ability to target any American company we desire. Americans, hold your government accountable for planning to meddle in Sudan’s internal affairs. We will persistently target major US companies, government entities, and critical infrastructure.the hackers wrote.

The Microsoft Security Response Center has now officially confirmed that the service outages were indeed the result of Layer 7 DDoS attacks, and the group tracked by the company as Storm-1359 is responsible for these attacks.

Since the start of June 2023, Microsoft has detected significant traffic spikes for certain services, temporarily impacting their availability. These attacks likely utilized various virtual private servers (VPSs), rented cloud infrastructure, open proxies, and DDoS tools.the report says.

The researchers additionally state that Anonymous Sudan employs three types of Layer 7 DDoS attacks: HTTP(S) flood, Cache bypass, and Slowloris.

Anonymous Sudan

Although Microsoft tracks this group as Storm-1359, as mentioned before, the group is better known as Anonymous Sudan. The group emerged in January 2023, announcing that it would target any country opposing Sudan.

Over the past six months, the group has targeted organizations and government agencies worldwide through DDoS attacks, as well as hacking and data leaks.

Starting in May 2023, the group initiated DDoS attacks on large organizations, demanding ransom to cease the attacks. Initially, Scandinavian Airlines (SAS) was targeted, after which the hackers shifted their focus to American companies such as Tinder, Lyft, and medical institutions throughout the United States.

When Anonymous Sudan turned its attention to Microsoft and launched DDoS attacks on Outlook, Azure, and OneDrive, they demanded a payment of $1,000,000 to halt the attacks.

You were unable to repel an attack that lasted for several hours, so how about paying us $1,000,000? We will even train your cybersecurity specialists to defend against attacks and ensure our side ceases the assault. A million US dollars is a trifling amount for a company of your caliber.the attackers wrote.

DDoS attacks by Anonymous Sudan

Simultaneously, some information security researchers speculate that the group may be operating under a false flag and potentially have connections to Russia. These suspicions have only grown stronger since the hackers announced the establishment of a “DARKNET parliament” comprising other pro-Russian hackers, including Killnet and REvil, and subsequently participated in the recent attack on the European Investment Bank (EIB).

In response to these allegations, the hackers made the following statement on their Telegram channel (presumably utilizing machine translation):

Everyone assumes that we are Russians, which is completely absurd. The reason for this belief is that all the countries we attack are hostile towards Russia but also hostile towards Islam or Sudan. So, does this serve as proof that we are Russians? I fail to comprehend people’s reasoning!!

It is worth mentioning that cybersecurity experts previously reported on the Russian DDOSIA Project, which compensates volunteers to participate in DDOS attacks against Western companies.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Volodymyr Krasnogolovy

I'm a journalist, cybersecurity specialist, content manager, copywriter, and photojournalist. With a deep passion for cybersecurity and a diverse skill set, I'm excited to share my expertise through this blog. From researching the latest threats to crafting engaging narratives and capturing powerful visuals, I strive to provide valuable insights and raise awareness about the importance of cybersecurity.

Leave a Reply