Could a Germany-based Tunisian student be behind the cyberattack on Morocco's CNSS ?
The cyberattack that targeted the Moroccan Employment Ministry this week compromised 3,000 pay slips belonging to its employees. The breach also affected the National Social Security Fund (CNSS), leaking details of nearly 500,000 companies and thousands of salary declarations.
The hacker group, which identified itself as Algerian, made its motivations clear, stating on their Telegram channel that the attack was a response to the actions of Moroccan hackers who «stole the Twitter account of the Algerian Press Service (APS)».
«100% of cybersecurity guys leave trails behind them»
But were the hackers behind what could be called the largest data leak targeting Morocco really orchestrated by Algerians? An investigation conducted by a cybersecurity group and sent to Yabiladi suggests that the perperator could be a Tunisian student based in Germany.
«100% of cybersecurity guys leave trails behind them. Who is behind the CNSS Hack?» reads the title of the inquiry. The investigation indicates that the Telegram group Jabarout DZ announced the compromise of sensitive CNSS data, but the message wasn't «posted directly by the group but was forwarded from another Telegram user». This user is reportedly identified as «3N16M4».
Suspiciously, the investigation notes, this initial message was deleted and reposted, this time without the «forward from» user name. The authors of the investigation believe this deletion was a «mistake», suggesting that the hacker either forwarded the message from their own account by mistake or from the account of the individual behind the hack. They speculate that the error was quickly backtracked by deleting the message.
This mistake was the starting point for the investigators. When they inquired about that same username, they found it was associated with an account on GitHub, a platform where developers can create, store, manage, and share their code. «The profile belongs to a user with a keen interest in IT, showcasing numerous repositories filled with programming projects», the investigators noted.
A possible link to a Tunisian student
This led to the discovery of the user's email address, full name, and country, which could point to the individual behind the CNSS breach. «We've uncovered some valuable information—an email address that appears to be from a German university», wrote the experts, adding that further checks even revealed «the real full name of the user», who is believed to be «related to the IT industry, and perhaps even to the hacking field».
The individual is believed to be a security engineer living in Bochum, Germany. Further checks by the group suggest he is a Tunisian student based in Germany, who is believed to have studied at Ostfalia University, as «one of his email addresses is still active in the university's database», the group claims.
«These are the findings to date, and the investigation is still ongoing. We are solely conducting public reconnaissance without accusing anyone yet», the group stated, backing their investigation with photos.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Morocco World
3 hours ago
- Morocco World
Amid Justice Ministry's Denial of Cyberattack, ‘Jabaroot' Claims Hack of Morocco's Road Safety Agency
Rabat — The Ministry of Justice issued a statement today regarding alleged leaks of electronic data, noting that the allegations do not in any way pertain to the ministry's information systems or database. The Ministry of Justice responded to the reports circulated on social networks and media platforms regarding the leaks, noting that the circulated information 'does not in any way pertain to the Ministry of Justice's information systems, nor is it related to its databases or secure digital services.' The ministry said that its information systems, including digital platforms for judicial and administrative services, are operating normally and securely. 'They have not been subjected to any breaches or data leaks,' the ministry said, noting that it implements multi-layered protection protocols. It also urged citizens to obtain information related to its operations from official and authorized sources, and to avoid 'giving credence to rumors or inaccurate news that could cause unnecessary confusion and concern.' The ministry also reiterates its commitment to ensuring the security and integrity of data and information related to the justice system and digital services, confirming its 'continued efforts to strengthen cybersecurity measures and vigilance to confront all potential risks in this field.' Algerian hacker group 'Jabaroot' claimed responsibility for the new alleged cyberattack against the Moroccan ministry. This is a continuation of Jabaroot's hacking claims. Recent social media reports suggest that the group published a leaked dossier from Morocco's road safety agency, NARSA. It remains to be seen whether the claim is authentic or another allegation that will be eventually denied by the agency in the coming hours. In the past few months, the group made similar announcements, claiming responsibility over cyberattacks targeting several other Moroccan databases, including the National Social Security Fund (CNSS) and the National Agency for Land Registry (ANCFCC). Sources from the land registry agency denied that its system was directly targeted, clarifying that the breach involved a notaries' platform, Tawtik, which is managed independently. An authorized source from ANFCC said recently that no intrusion or data leak has been detected in its information system. Converging reports suggested that the Algerian hacking group may have access to data on the notaries' platform by 'exploiting vulnerabilities in inadequately protected computers.' Tags: Algerian hackerJabaroot
Morocco World
4 hours ago
- Morocco World
King Mohammed VI, Trump to Announce Major Boeing Aircraft Purchase Deal
Rabat — Royal Air Maroc (RAM) is expected to renew its fleet through a new deal with Boeing, as well as a new small order from Airbus. Reuters quoted industry sources as saying that Royal Air Maroc is close to securing a deal with Boeing for dozens of jets. Europe's Airbus, however, is also seeking to supply the Moroccan carrier with a small order for 20 A220 jets. 'The sources asked not to be named because the negotiations are not public,' Reuters reported , noting that talks have been ongoing for over a year to enable Royal Air Maroc to renew its virtually all-Boeing fleet. The company is expected to cling to its traditional supplier for its demands, including the 737 MAX and 787 Dreamliner. 'While the fleet plan reinforces the carrier's historic ties with Boeing, the sources said, it opens the door to Airbus for the first time in almost 25 years with an order for the A220,' the news outlet said. It also recalled that the potential order from Airbus comes as Morocco and France are boosting bilateral ties at all levels. These ties have been building rapidly ever since France's historic decision to recognize Morocco's sovereignty over its southern provinces in Western Sahara in July of last year. Reuters' report came a few days after Bloomberg announced the same news, noting that Royal Air Maroc is in the final stages of a significant aircraft deal with Boeing, alongside a smaller agreement with Airbus. Bloomberg cited sources familiar with the matter, noting that the Boeing order could be delayed, potentially pending a high-level meeting between King Mohammed VI and US President Donald Trump. If confirmed, the high-level meeting could further upgrade the already strengthening ties between the US and Morocco, particularly as Washington has recently reaffirmed its steadfast support for Morocco's territorial integrity, especially over the southern provinces in Western Sahara. Earlier this month, Minister of Transport and Logistics Abdessamad Kayouh said in a parliamentary session on June 3 that Royal Air Maroc plans to acquire 10 more aircraft before the end of the year and another 10 in 2026. He said that the company also welcomed three Boeing 787 Dreamliners during the first week of June, on top of two new planes delivered earlier this year. In 2023, Royal Air Maroc announced that it is seeking to increase its fleet of commercial aircraft, boosting the number from 50 to 200 over the next 15 years. The program is part of the government's pledges to support the tourism roadmap. Morocco's ambition is to attract 65 million tourists by 2037. In 2024, the North African country celebrated a major milestone, welcoming over 17.4 million tourists. Tags: Royal Air Maroc (RAM)Royal Air Maroc Best Airline in Africa
Ya Biladi
4 hours ago
- Ya Biladi
Moroccan Ministry of Justice denies data breach claims by Algerian hackers
Two days after the Algerian hacker group Jabaroot claimed to have leaked data allegedly belonging to the Moroccan Ministry of Justice, the ministry officially confirmed that the circulated information is not related to its systems in any way. In an official statement, the ministry affirmed that its databases and secure digital services are functioning normally and have not been compromised by any hacking or data breach. The ministry emphasized that it employs advanced, multi-layered protection protocols aligned with the latest international cybersecurity standards, and its systems undergo regular technical testing and evaluations by specialized teams to ensure their security. The Ministry of Justice urged citizens to rely solely on official sources for information and warned against spreading rumors and false reports that could cause unnecessary alarm without any factual basis.
