By Sergiu Gatlan on Thursday, 09 November 2023
Category: Security

Cloudflare website downed by DDoS attack claimed by Anonymous Sudan

Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the www.cloudflare.com website without impacting other products or services. The company didn't attribute the attack to a specific threat actor. 

"Cloudflare experienced a DDoS attack that caused intermittent connectivity issues to www.cloudflare.com for a few minutes. This DDoS attack did not affect any service or product capability that Cloudflare provides, and no customers were impacted by this incident."

"Cloudflare's website is deliberately hosted on separate infrastructure and cannot impact Cloudflare services. To be clear, our website is fully functional and up and running."

Anonymous Sudan (aka Storm-1359) also claimed a DDoS attack that took down OpenAI's ChatGPT bot on Wednesday and other attacks that have impacted Microsoft's Outlook.com, OneDrive, and Azure Portal in June.

While the group claims to be targeting countries and organizations interfering with Sudanese politics, some analysts believe it to be a false flag and link the group to Russia instead.

Update November 09, 16:25 EST: Cloudflare says a fix has been rolled out.

Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website

"We're sorry... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now," the error reads.

The message on Cloudflare's website also contains a Google logo with a font face that doesn't match the current design and looks "a little off," as Cloudflare's Head of Organic Social Ryan Knight said.

In an incident report added to its status page 10 minutes ago, at 20:59 UTC, Cloudflare said it's now looking into the issue. 

"www.cloudflare.com is experiencing issues. The Cloudflare Dashboard is accessible through dash.cloudflare.com and APIs and all Cloudflare services are unaffected," it said.

​Last week, Cloudflare's dashboard and APIs also went down after a power outage impacted its core data center in North America.

The full list of services whose functionality was wholly or partially affected also included Logpush, WARP / Zero Trust device posture, Stream API, Workers API, and the Alert Notification System.

Customers reported having issues logging into their accounts and seeing 'Code: 10000' authentication and internal server errors when accessing Cloudflare's dashboard.

Another outage took down multiple products on Monday, October 30, including Cloudflare Sites and Services (Access, CDN Cache Purge, Dashboard, Images, Pages, Turnstile, Waiting Room, WARP, Workers KV).

As explained in a post-mortem published two days later, that outage was caused by a misconfiguration in the tool used to deploy a new Workers KV build.

Update November 09, 17:19 EST: A threat group known as Anonymous Sudan claimed that they were the ones who took down Cloudflare's website in a distributed denial-of-service (DDoS) attack.

Related Posts

Leave Comments