OpenAI Faces DDoS Attacks on Its API and ChatGPT Services

Contents:

This week, OpenAI has dealt with “periodic outages” due to distributed denial-of-service (DDoS) attacks targeting its API and ChatGPT services.

While the company hasn’t immediately disclosed the exact cause of these issues, OpenAI has confirmed their connection to ongoing DDoS attacks.

We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.

Incident Report for OpenAI (Source)

Users affected by these problems have encountered error messages like “something seems to have gone wrong” and “There was an error generating a response” from ChatGPT.

This follows a series of recent incidents, including a significant ChatGPT outage on Wednesday, partial ChatPT outages on Tuesday, and increased error rates with Dall-E on Monday.

OpenAI has displayed a banner on ChatGPT’s interface, informing users of the high demand and assuring them that efforts are underway to improve system scalability.

Chatgpt error message

Anonymous Sudan Claims Responsibility for DDoS Attacks

While OpenAI has not yet identified the culprits behind these DDoS attacks, a group called Anonymous Sudan has come forward, claiming responsibility for the attacks on Wednesday.

They allege that the attacks stem from OpenAI’s perceived bias in favor of Israel and against Palestine.

On their Telegram channel, the attackers declared:

The CHATGPT link is now completely down worldwide, with thousands of reports flooding Twitter and other social media platforms. We challenge OpenAI to acknowledge that this is a DDoS attack.

Anonymous Sudan’s Telegram Channel (Source)

Additionally, the group confirmed that they use the SkyNet botnet in carrying out these attacks, which has been offering stresser services since October and recently incorporated support for Layer 7 (L7) DDoS attacks, specifically targeting the application layer, explains Bleeping Computer.

In Layer 7 DDoS attacks, threat actors inundate services with an enormous volume of requests, causing them to become unresponsive due to the inability to process such a high load.

And, unlike reflection-based volumetric DNS amplification network layer attacks that concentrate on bandwidth usage, layer 7 DDoS attacks put a great deal of stress on the targets’ servers and networks.

This happened before

In June, Anonymous Sudan was also responsible for taking down Microsoft services like Outlook, OneDrive, and Azure Portal through Layer 7 DDoS attacks.

Microsoft confirmed these claims and tracked the group’s activities under the code name Storm-1359. Storm-1359 employs three distinct types of Layer 7 DDoS attacks: HTTP(S) flood attacks, Cache bypass, and Slowloris.

Anonymous Sudan emerged in January 2023 with a declaration to target anyone opposing Sudan.

Subsequently, they shifted their focus towards global organizations and government agencies, causing disruptions to web-facing infrastructure.

If you liked this piece, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.

Madalina Popovici

Digital PR Specialist

Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS