Telegram has been targeted with a distributed denial-of-service attack by self-proclaimed hacktivist collective Anonymous Sudan, reports SecurityWeek.
Threat intelligence company SOCRadar reported that Anonymous Sudan launched the attack after Telegram decided to suspend the group's main account. SOCRadar noted that Anonymous Sudan temporarily moved its main Telegram channel amid the suspension.
The DDoS attack comes after X, formerly known as Twitter, was also targeted by the group in an effort to hasten the launch in Sudan of the Starlink satellite internet service, which is also owned by Elon Musk. SOCRadar and Truesec had previously linked Anonymous Sudan to the Russian hacking operation KillNet after analysis of the group's attacks revealed interactions primarily with Russian hackers.
Aside from discovering that Anonymous Sudan utilizes English and Russian in its posts, rather than Arabic, both reports also noted a lack of evidence associating the group with the original Anonymous Sudan hacktivists and the Anonymous hacking collective.