The service X experienced an outage lasting in excess of two hours, resulting in significant disruption for a large number of users.
The hackers utilized the Telegram platform to convey their message, urging for the expansion of Starlink services in Sudan and expressing their desire for the message to reach Elon Musk.
X has recently become the most recent target of a gang that claims to carry out attacks in order to further the causes of Sudan and Islam.
The BBC engaged in a series of private discussions with the hackers using the messaging application Telegram over a span of many weeks, in order to gain insights into their techniques and motivations.
According to a member of the organization, who identifies as Crush, the attack on Tuesday resulted in a significant influx of traffic directed towards X's servers, causing it to become inaccessible. It is worth noting that the gang employed rudimentary hacking methods, which align with their established reputation for employing straightforward and less advanced approaches.
Hofa, a member of another hacker organization, said that the DDoS (Distributed Denial of Service) attack was intended to increase awareness regarding the civil war in Sudan. The objective was to highlight the adverse impact of the conflict on internet connectivity, which frequently experiences disruptions.
The acknowledgement of the interruption caused by X has not been made publicly, and inquiries regarding the launch of Mr. Musk's satellite internet service in Sudan have not received a response.
The geographical location of the subject under discussion is situated within the borders of Sudan.
The group has faced allegations from numerous individuals within the cyber-security community of operating as a covert Russian cyber-military unit, clandestinely engaging in cyber-disruption activities against the Kremlin while masquerading as a foreign hacktivist organization.
The notion originates from the online endorsement of Russian President Vladimir Putin and a perceived convergence of objectives with other cybercriminal groups in the nation.
However, the criminal organization has consistently refuted any association with Russia and, for the first instance, provided the BBC with evidence suggesting its presence in Sudan.
Crush, who serves as the primary spokesperson and pivotal member of the organization, provided evidence by sharing his real-time geographic coordinates on the Telegram application.
The authenticity of these elements can be counterfeited with varied levels of complexity. However, following extensive discussions with the British Broadcasting Corporation (BBC) and a cyber-security expert known as Intel Cocktail, no evidence has emerged to indicate that the hackers are engaging in deception.
Crush expressed the overarching objective of demonstrating to the global community that individuals from Sudan possess commendable aptitude across diverse domains, despite their inherent limitations.
In the month of June, the gang disseminated a communication expressing their endorsement for the Russian government's efforts to quell a persistent insurgency led by the Wagner forces.
Nonetheless, Crush revealed that the Sudanese government saw its current situation as analogous to a past occurrence wherein Russia provided assistance, therefore instilling a desire within Sudan to reciprocate the favor. This sentiment stems from Russia's backing for the Sudanese government in its continuous struggle against the civil conflict.
The individual strongly asserts that their collective comprises a "limited quantity" of Sudanese hackers who are orchestrating the assaults from within the nation, while facing recurrent disruptions in internet connectivity.
Since its inception in January, Anonymous Sudan has effectively disrupted numerous organizations and government web sites in France, Nigeria, Israel, and the United States.
Over the course of the previous month, the gang has launched a series of attacks on Kenya, asserting that the government of Kenya is engaging in interference within the affairs of Sudan.
A single cyber assault significantly damaged the nation's eCitizen site, which serves as a public interface for accessing over 5,000 governmental services.
When questioned regarding the consequences for the general populace, Crush defended the activities by asserting that the purpose of targeting infrastructure is to impart a lesson to both the nation and its governing authorities. Additionally, Crush acknowledged the existence of some boundaries, namely when the attacks result in significant injury to innocent individuals.
Nevertheless, the gang has made unsuccessful attempts to target healthcare facilities.
The gang purports to engage in criminal activities under the guise of "defending the Truth, Islam, and Sudan." However, it has been seen that on at least two occasions, the gang has also made attempts to extort victims by demanding Bitcoin as a form of payment.
The organization has also directed its attention towards online platforms such as OnlyFans, Tumblr, and Reddit, asserting that these platforms facilitate the dissemination of objectionable content it categorizes as "disgusting smuts and other LGBTQ+ things."
In June, hackers expressed their elation when the US cyber-authority released an official advisory over a series of attacks targeting American organizations. The advisory cautioned that these attacks had the potential to incur significant financial and temporal burdens on organizations, as well as inflict reputational damage due to the unavailability of resources and services.
The organization's most prominent attack in June resulted in the disruption of Microsoft services, such as Outlook and OneDrive. Consequently, the tech giant was compelled to release a report with recommendations to customers on mitigating the impact caused by the gang.
BBC