Skip links

Anonymous Sudan: Pro-Islamic Hacker Group Engages in Cryptocurrency Donation Campaign

Anonymous Sudan, a pro-Islamic hacker group, has recently published a donation campaign on their Telegram channel, urging contributions through various digital currencies. It should be noted that there is no indication that large number of transactions were made to the group.

Operating since January 2023, Anonymous Sudan has focused on targeting Israel while advancing a pro-Islamic agenda. In the recent month, their primary activity has centered around engaging in Al-Aqsa Flood cyber operations. This includes various cyber-attacks in support and aligned with the objectives of Hamas, against Israel. Moreover, Anonymous Sudan has formalized an alliance with the Russian proxy group known as Killnet.

Left: DDOS attack on so called Fake Israel website of Hamas; Right: Donation Campaign to Anonymous Sudan (Source: Anonymous Sudan Telegram channel)

It’s worth noting that this isn’t the first time of a hacking group solicit donations through cryptocurrency. Groups, such as Linked-Iran Blackshadow, which has initiated similar campaigns, actively seeking contributions via digital currencies such as Bitcoin and Monero in 2021-2022. This trend highlights a broader strategy employed by hacking groups, emphasizing the use of decentralized financial systems to fund their operations.

November 2021 Blackshadow donation campaign (Source: Blackshadow Telegram)

Donations campaign, represent only one aspect of the larger fundraising activities undertaken by hacker groups. In particular, they are known to engage in criminal activities, including the sale of data leaks online and offering hacking services. Such example is a post published by anonymous Sudan under there new channel DDOS stating: “DDOS Services at a discounted price…do you want to destroy your competitor?…payment via BTC… order an attack”.

Anonymous Sudan DDOS channel offering Hacking services.

In recent years, the landscape of so-called hacktivist groups has witnessed a trend characterized by a dual agenda—political and criminal in nature. Initially, these groups seemingly limit their activities to ‘openly’ engaging in cyber operations driven by political motives, using these actions as a showcase of their technical capabilities. However, as their operations progress, a shift occurs.

It appears that these hacker type of groups transition to a second stage, where they more openly embrace criminal activities with the primary goal of financial gain. This evolution involves offering hacking services, the sale of leaked data on various platforms, and engaging in ransomware operations. Such are the cased of “Anonymous Sudan” and “Stormous” hacker group, which had almost identical progression. 

Chart: Hacker Gorup Funding Method

The integration of a criminal agenda alongside political motivations blurs the lines between hacktivism and cybercrime, creating the need for adaptive strategies to address the multifaceted threats posed by these groups.