Latest news with #JabaRootDZ
Ya Biladi
09-04-2025
- Politics
- Ya Biladi
Cyberattacks : The new frontline in the Morocco-Algeria rivalry
Rivalry between Moroccans and Algerians has extended beyond social media disputes over cultural, culinary, and fashion heritage, reaching into the realm of cyberattacks. Tensions between the two countries have spilled into the cyber domain, with Moroccan and Algerian hackers targeting government websites, social media accounts, and media institutions. One of the most significant recent incidents was orchestrated by Algerian hackers, who leaked a large volume of sensitive data. The Algerian group JabaRoot DZ launched a series of cyberattacks targeting the websites of Morocco's Ministry of Economic Inclusion and the National Social Security Fund (CNSS). This attack stands out as the largest in a long-running series of mutual cyberattacks between hackers from the two countries—an escalating cyberwarfare fueled by political tensions. Yabiladi recapped cyber incidents between Moroccan and Algerian hackers over the last 15 years, most of which followed political developments or flashpoints of conflict, such as the Western Sahara issue and Algeria's support for the Polisario. Politicized cyber-attacks In 2010, following the deadly Gdim Izik events in which 11 Moroccan security officers were killed, Moroccan hackers targeted the websites of the Algerian Ministry of the Interior and the Algerian National Tourist Office. The attacks were described as acts of «revenge» and retaliation for the violence in Laayoune. That same month, November 2010, Moroccan hackers breached the website of the Algerian embassy in the United States, leaving behind a Moroccan flag and the national anthem as their signature. These cyber offensives continued into 2011, with Moroccan hackers attacking several Algerian government websites, including that of the Algerian tax authority. They left a defiant message on its homepage: «Moroccan dissuasive forces are defending the supreme interests of the Kingdom». The homepage also displayed the Moroccan national motto, «Dieu, la patrie, le roi» (God, the Country, the King), along with a map of Morocco bearing the national flag. According to Algerian newspaper TSA, Moroccan hackers also breached other financial and government websites, including the Algiers stock exchange. Algerian hackers quickly retaliated, hacking 174 Moroccan company and institutional websites and leaving a message «in response to a group of Moroccan idiots». These attacks coincided with a speech by King Mohammed VI on the 36th anniversary of the Green March, during which he called on Algeria to help build a strong and united Maghreb. In 2013, Moroccan hackers targeted the website of Algeria's public television channel (ENTV), leaving messages asserting Morocco's sovereignty over the Sahara. On the same day, they also reportedly breached the Algerian stock exchange's website. TSA noted that Moroccan hackers frequently targeted Algerian newspapers, including TSA itself, Le Quotidien d'Oran, and Transactions d'Algérie. In 2014, Algerian hacking groups retaliated. According to a report by the Moroccan Institute for Policy Analysis (MIPA), websites including the Moroccan Ministry of Foreign Affairs and other government portals were attacked by Algerian hackers. «No peace between systems» By 2020, cyberwarfare between the two nations had escalated further. That year, Moroccan hackers breached the Algerian Ministry of Health's website, along with sites belonging to the national agency for hydrocarbon resource development, UNESCO Algeria, and others including the Environmental Sector Policy Support Program, ONID, and the Mazafran Hotel. In November 2021, Algerian hackers struck back, hacking the website of the General Confederation of Moroccan Enterprises (CGEM), replacing its contents with an Algerian flag and the message: «No peace between systems». In response, Morocco Hack Team targeted the website of the Algerian Ministry of Finance. Earlier that same year, Moroccan hackers breached 280 Algerian websites, including many affiliated with the government. The attack was allegedly in response to comments on King Mohammed VI by Al-Shorouk TV deemed «insulting». The cyberwar continued into 2022. In March, the Algerian Ministry of Justice accused Moroccan hackers of compromising its official Twitter account, which briefly published pro-Russian messages and inflammatory accusations against Ukrainian President Volodymyr Zelensky before the tweets were deleted. In August of the same year, the website of Dhar El Mahraz University of Sciences in Fez (FSDM) was hacked by a young Algerian hacker. In January 2023, the website of the National Library of the Kingdom of Morocco (BNRM) was breached. The hackers left a message: «We're sending a message to Moroccan hackers: stop leaking Algerian data so we can stop ourselves too». Shortly after, confidential data from Morocco's Ministry of National Education was published, exposing information on nearly one million students. In retaliation, thousands of records on Algerian students were leaked online, according to media reports. An alternative battlefield The ongoing cyber conflict continues to compromise sensitive data and disrupt digital infrastructure in both countries. Experts describe these incidents as a new form of confrontation. In an article titled A Cyber Shadow War between Algeria and Morocco, African affairs researcher Hamdi Bashir argues that this growing wave of cyberattacks signals a new phase of unconventional hostility. He warns that these attacks are likely to escalate further, targeting government systems, infrastructure, public services, military facilities, and economic sectors—particularly oil and gas. With a similar conclusion, the cyber-intelligence company specializing in external threat landscape management, CYFIRMA, stated in a 2024 report on cyberattacks in Morocco that recent attacks in the country «have become a powerful tool to inflict damage and assert influence». Beyond the geopolitical considerations, these attacks expose Morocco's vulnerability to such targeting. A MIPA analysis on the achievements and challenges facing cybersecurity in Morocco indicates that the evolving nature of cyber-attacks «necessitates constant adaptation, conformity with the international context, and investment in technological solutions, human resources, and national and international cooperation to ensure a robust cybersecurity posture».
Ya Biladi
09-04-2025
- Business
- Ya Biladi
Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment
On April 8, 2025, the Algerian hacker group JabaRoot DZ launched a series of cyberattacks on Moroccan institutions, in what may be the biggest data breach the country has ever seen. The main targets were the websites of the Ministry of Economic Inclusion and the National Social Security Fund (CNSS). The group made its motivations clear: «This leak is a response to the hostile actions of Moroccan hackers who stole the Twitter account of the Algerian Press Service (APS) after it was banned by Twitter», they wrote on their Telegram channel. Ministry seeks to reassure The Ministry of Economic Inclusion confirmed that its website had been defaced by hackers identifying as Algerians. However, it downplayed the breach, stressing that the site is purely informational and does not contain professional or sensitive databases. «No personal or sensitive data has been compromised», it said in a statement. But was the ministry too quick to make such claims, without conducting a proper audit to assess the damage? JabaRoot DZ wasted no time in challenging the ministry's statement, publishing what it claimed were employee pay slips from the ministry. JabaRoot DZ published over 3,000 pay slips belonging to Ministry employees. Despite this, the Ministry denied the authenticity of the documents circulating online, claiming they had been wrongly attributed to its services. CNSS Hit by Massive Data Breach Just hours after the attack on the ministry, JabaRoot DZ claimed a far more serious intrusion—this time targeting CNSS. The group said it had accessed confidential documents, including salary declaration certificates from various companies and lists of employees by name. Initial analysis suggests the breach involved an Excel file containing details on nearly 500,000 companies and around 53,576 PDF files. According to documents published by the hackers, the leaked data includes salary declarations from past years involving companies such as the royal holding SIGER, several banks, the Israeli Liaison Office in Morocco, and multiple Moroccan media outlets. Some of the files even reveal the declared salaries of high-profile individuals. CNSS previously alerted by Yabiladi in 2020 This isn't the first time CNSS has faced a data security incident. In January 2020, Yabiladi reported an unsecured access point exposing data for 3.5 million private sector users. The exposed information included ID numbers, addresses, bank account details, health reimbursement histories, and up to four years of salary records. After being alerted, CNSS's IT team quickly patched the vulnerability, and the National Commission for the Protection of Personal Data (CNDP) launched an investigation. As of now, CNSS has not issued any official statement regarding the latest attack. But according to a Moroccan cybersecurity expert contacted by Yabiladi, it represents «the largest data leak in Morocco's history». Authorities are currently assessing the extent of the breach and ramping up cybersecurity defenses to prevent future attacks. This incident underscores just how vulnerable digital infrastructures can be in the face of cyber threats—especially against the backdrop of heightened tensions between Algeria and Morocco. JabaRoot DZ has already issued a warning: «Any future hostile action against Algerian interests will be met with even stronger responses».
