OpenAI Faces DDoS Attacks on Its API and ChatGPT Services

While OpenAI has not yet identified the culprits behind these DDoS attacks, a group called Anonymous Sudan has come forward, claiming responsibility for the attacks on Wednesday.

They allege that the attacks stem from OpenAI’s perceived bias in favor of Israel and against Palestine.

On their Telegram channel, the attackers declared:

The CHATGPT link is now completely down worldwide, with thousands of reports flooding Twitter and other social media platforms. We challenge OpenAI to acknowledge that this is a DDoS attack.

Anonymous Sudan’s Telegram Channel (Source)

Additionally, the group confirmed that they use the SkyNet botnet in carrying out these attacks, which has been offering stresser services since October and recently incorporated support for Layer 7 (L7) DDoS attacks, specifically targeting the application layer, explains Bleeping Computer.

In Layer 7 DDoS attacks, threat actors inundate services with an enormous volume of requests, causing them to become unresponsive due to the inability to process such a high load.

And, unlike reflection-based volumetric DNS amplification network layer attacks that concentrate on bandwidth usage, layer 7 DDoS attacks put a great deal of stress on the targets’ servers and networks.

This happened before

In June, Anonymous Sudan was also responsible for taking down Microsoft services like Outlook, OneDrive, and Azure Portal through Layer 7 DDoS attacks.

Microsoft confirmed these claims and tracked the group’s activities under the code name Storm-1359. Storm-1359 employs three distinct types of Layer 7 DDoS attacks: HTTP(S) flood attacks, Cache bypass, and Slowloris.

Anonymous Sudan emerged in January 2023 with a declaration to target anyone opposing Sudan.

Subsequently, they shifted their focus towards global organizations and government agencies, causing disruptions to web-facing infrastructure.