U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DDoS attack leads to significant disruption in ChatGPT services

OpenAI confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. OpenAI confirmed earlier today that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. “We are dealing with periodic outages due to an abnormal traffic pattern […]

OpenAI ChatGPT Man-in-the-Prompt

OpenAI confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack.

OpenAI confirmed earlier today that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack.

“We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.” reads the update posted by OpenAI on its status page 17 hours ago.

The organization first reported partial service outages on November 7, but on November 8 the services were disrupted.

The attack was launched by the pro-Russia group Anonymous Sudan (aka Storm-1359) that claimed the attack on its Telegram channel:

“Some reasons why we targeted OpenAI and ChatGPT:

  • OpenAI’s cooperation with the occupation state of Israel and the CEO of OpenAI saying he’s willing to invest into Israel more, and his several meetings with Israeli officials like Netanyahu, as Reuters reported.
  • AI is now being used in the development of weapons and by intelligence agencies like Mossad, and Israel also employs AI to further oppress the Palestinians.
  • OpenAI is an American company, and we still are targeting any American company 
  • ChatGPT has a general biasness towards Israel and against Palestine as it has been exposed in twitter, in general there’s huge bias of the model towards some topics which has to be fixed”
OpenAI Chat GPT Anonymous Sudan

At the time of this writing, ChatGPT seems to be working without problems.  

Collective Anonymous Sudan has been active since January 2023, it claims to target any country that is against Sudan. However, some security researchers believe that Anonymous Sudan is a sub-group of the pro-Russian threat group Killnet.

Threat actors relied on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.

In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing apps, and the cloud computing infrastructure Azure.

The collective Anonymous Sudan claimed responsibility for the DDoS attacks that hit the company’s services.

In July, Anonymous Sudan announced it had stolen credentials for 30 million customer accounts.

In September, Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, OpenAI ChatGPT)