ChatGPT Server Disrupted by DDoS Attack, OpenAI Confirms Incident
Yesterday, ChatGPT’s server went down – the AI model was inaccessible to users from all over the world and continued to periodically give errors. OpenAI has been addressing “periodic outages” targeting its API and ChatGPT services within the last 24 hours.
Users affected by this issue received error notifications stating “something seems to have gone wrong,” while ChatGPT responded to their queries with “There was an error generating a response.”
Earlier today, OpenAI confirmed that these issues are linked to an ongoing DDoS attack.
“We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this,” OpenAI commented on the situation in the incident report.
The incident occurred following the company’s resolution of another significant ChatGPT outage on Wednesday, which also impacted its API. Additionally, there were partial ChatGPT outages reported on Tuesday, and elevated error rates for Dall-E were observed on Monday.
DDoS Attack Caused by Anonymous Sudan
OpenAI was reluctant to officially attribute these DDoS attacks. However, a group identified as Anonymous Sudan claimed responsibility for the attacks on Wednesday, stating that the motive behind them was OpenAI’s “general biases towards Israel and against Palestine” – attackers commented on their Telegram channel: “ChatGPT link completely dead now worldwide, thousands of reports all over twitter and social media, let us see if they will admit it’s a DDOS attack.”
The group used the SkyNet botnet in the attacks, which added Layer 7 (L7) DDoS attacks – a support for application layer attacks – to its list of services last week. In Layer 7 DDoS attacks, threat actors focus on the application level, flooding services with an overwhelming volume of requests, causing them to hang as they are unable to process the influx.
The significant strain of the targets’ server and network resources makes the attack highly effective – so far there is no estimated time for resolution.
Who is Sudan?
The Anonymous Sudan group also targeted Microsoft’s Outlook.com, OneDrive, and Azure Portal in similar Layer 7 DDoS attacks before, with the company verifying their claims and monitoring the group’s activity as Storm-1359. OpenAI revealed that Anonymous Sudan uses three types of Layer 7 DDoS attacks: HTTP(S) flood attacks, Cache bypass, and Slowloris.
Since 2023, the hacker group has directed their attacks towards global organizations and government agencies, aiming to disrupt web-facing infrastructure.
Anonymous Sudan continues to justify the presence of Anonymous in their name by engaging in activities resembling high-profile PR campaigns, announcing intentions to target anyone opposing Sudan.
While some cybersecurity researchers tend to link the group’s actions to Russia, the reasons for attacks on American companies may also include the group’s potential relationship with Israel.
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.