“In (a) few days you will receive full disclosure of the data – We the Anonymous will stand against corruption, child abuse, and child labor!”

– Operation Africa

“It’s too late for Kenyan government to expect us”: Anonymous

The online hacktivist Anonymous has conducted a sophisticated cyber attack on the government of Kenya by breaching its Foreign ministry server, stealing a trove of data and ending up leaking some of it on the Dark Web. The cyber attack was conducted under the banner of operation OpAfrica which was launched last year against child abuse, child labour and corruption in the African countries.
HackRead, a cyber security news site, reported that a hacker affiliated with “Operation Africa” had told it: “In (a) few days you will receive full disclosure of the data – We the Anonymous will stand against corruption, child abuse, and child labor!”
A link to a sample of 95 documents was published to a widely known Anonymous Twitter account, part of what it claimed was a one-terabyte stash of date from Kenya’s Ministry of Foreign Affairs and International Trade. The sample documents cannot be read using standard Web browsers but can be viewed using TOR.
So far, the documents appear to consist of mostly routine correspondence between Kenyan foreign ministry officials and other diplomatic missions, trade partners and international companies around the world.
The dumped data contains confidential and non-confidential PDF and Docx files from the ministry server including email conversations, security related communication, international trade agreements and letters discussing the security situation in Sudan where government forces are fighting the Sudan People’s Liberation Army (SPLA).
Other letters include conversation related to weapon clearance in Namibia, details about a business collaboration deal between Kenya and Oman, several other documents discussing state officials visiting the country. However, one internal email document is really interesting and talks about security alert for the ministry of foreign affairs’ staff sent by Information Communications Technology (ICT) stating that someone is trying to hack staff email IDs by sending phishing emails containing malicious links. The ICT administrator also shared a screenshot of an email sent by the hackers.

The dumped data does not include email addresses or passwords, however, in an exclusive conversation with one of the Anonymous hackers HackRead was told:

We have 1TB of data but at the moment, we have leaked just one portion of it. In few days you will receive full disclosure of the data – We the Anonymous will stand against corruption, child abuse, and child labour! The government of Kenya should have expected.

The leaked data can be accessed using Tor Onion browser. Remember, in March 2016, Kenyan oil refinery website was also defaced for OpAfrica. Another group hacked South African job portal, Ugandan Ministry Of Finance and an IT company under the Rwandan government. The group also leaked details of 64,000 workers from Tanzanian telecom firm for OpAfrica.
A news release in January by activists described Operation Africa as an effort to mount computer attacks on governments in Rwanda, Uganda, South Africa, Zimbabwe, Tanzania, Sudan and South Sudan and Ethiopia. The Kenyan government was not on the initial list.
The Kenyan ministry documents leaked on Thursday included email discussions of security preparations for diplomatic trips, trade deals and a status report on the conflict between Sudan and South Sudan, dated from the middle of this month.
One document, from last August, contains a warning to ministry staff of hacking attempts using phishing techniques containing links to malware.

Kenya ICT Cabinet Secretary Joseph Mucheru

Addressing the alleged hack, Kenya’s Minister of Information and Communications Technology (ICT), the ICT Cabinet Secretary Joseph Mucheru said the attack was a phishing attack, as opposed to a hacking attack on the foreign affairs ministry’s computer systems, and that no classified material had been accessed.
“What they did is they managed to send emails to people, and people clicked the links to change their credentials, and as a result they were able to access emails,” he told Reuters by phone. “Our systems have remained safe and stable.”
“What we have been able to identify is mostly on security clearance ‘Open’ as opposed to ‘Restricted’ or ‘Top Secret’.”
Mucheru said they were working to alert government employees on how to avoid being tricked by phishers and hackers.
Operation Africa hackers have threatened to make their attacks continent wide in Africa.  In January they had announced that they were seeking the dismantling of corporations and governments in Africa they blamed for corruption, child abuse, environmental problems and Internet censorship.
In February, hackers using the Operation Africa banner said they had breached a South African government database and leaked names, email addresses and passwords of some 1,500 government employees, security site Softpedia reported. The hackers also took credit for attacking the Ugandan Finance Ministry and a firm supplying video services to the Rwandan government.
In February and March they claimed to have stolen data from employees of Tanzania Telecommunications and defaced the website of a Kenyan oil refinery, according to HackRead.

 

 

 

 

 

The online hacktivist Anonymous has conducted a sophisticated cyber attack on the government of Kenya by breaching its Foreign ministry server, stealing a trove of data and ending up leaking some of it on the Dark Web. The cyber attack was conducted under the banner of operation OpAfrica which was launched last year against child abuse, child labour and corruption in the African countries.

The dumped data contains confidential and non-confidential PDF and Docx files from the ministry server including email conversations, security related communication, international trade agreements and letters discussing the security situation in Sudan where government forces are fighting the Sudan People’s Liberation Army (SPLA).

“It’s too late for Kenyan government to expect us”: Anonymous

Other letters include conversation related to weapon clearance in Namibia, details about a business collaboration deal between Kenya and Oman, several other documents discussing state officials visiting the country. However, one internal email document is really interesting and talks about security alert for the ministry of foreign affairs’ staff sent by Information Communications Technology (ICT) stating that someone is trying to hack staff email IDs by sending phishing emails containing malicious links. The ICT administrator also shared a screenshot of an email sent by the hackers