Menu
Browse

Cyber Threat Actor: L'APoca-Dz

Actor Type Location Known Incidents
 Icon
Activist
1 incident
Profile

L'APoca-Dz, operating under the alias Anon Ghost, functions as a pro-ISIS hacktivist collective with demonstrated capabilities in social media account compromise and digital propaganda dissemination. The group publicly distinguishes itself from the broader Anonymous collective while aligning its activities with support for Islamic State objectives, explicitly opposing Zionism and Israel in its messaging. Their operations prioritize ideological signaling over financial gain or notoriety, emphasizing solidarity with global movements they associate with "freedom" through asymmetric cyber actions targeting government entities.

The threat actor focuses primarily on government and law enforcement sectors within Southeast Asia, as evidenced by their July 2015 compromise of Malaysian Police social media infrastructure. Attackers gained unauthorized access to official Facebook and Twitter accounts, deploying defacement techniques that replaced organizational branding with ISIS propaganda imagery, Arabic text, and militant photographs. Tactics included posting threatening messages directed at Malaysian officials alongside declarations of responsibility featuring "#AnonGhost was here" identifiers. This campaign showcased their strategic objective of disrupting government communications to amplify fear and demonstrate technical proficiency while advancing jihadist narratives. The operation employed no advanced malware but relied on credential compromise and manual content manipulation to achieve psychological impact through visible platform takeovers.

Publicly attributed affiliations remain strictly limited to Islamic State sympathies without evidence of state sponsorship or criminal consortium partnerships. Their sole confirmed operation against Malaysian authorities served multiple purposes: validating technical capabilities, reinforcing ideological alignment with ISIS, and issuing threats to deter opposition. The group framed their actions as support for international resistance movements rather than seeking personal recognition, though they deliberately maintained brand consistency through standardized hashtags and imagery. Malaysian authorities restored control of compromised accounts shortly after the breach, mitigating the operational disruption but not before pro-ISIS content reached the platforms' audiences. This incident represents their only publicly documented campaign, with no subsequent activities verifiably linked to the group through open-source intelligence.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources