Menu
Browse

Cyber Threat Actor: World Hacker Team

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Activist
Rwanda
5 incidents
Profile

The threat actor known as the World Hacker Team operates as an active subdivision of the broader Anonymous hacker collective and is frequently referenced in connection with the #OpAfrica campaign. Public sources identify the group by this name and note its affiliation with Anonymous, describing it as one of the collective’s most active subdivisions involved in hacktivist operations against African targets. No public attribution links the World Hacker Team to a state sponsor or a criminal consortium; its affiliation remains strictly within the hacktivist milieu of Anonymous.

The group’s publicly stated objective, as expressed in the #OpAfrica initiative, is to draw international attention to child labor and government corruption affecting African nations. This motive has directed its targeting toward government ministries, state‑owned enterprises, and telecommunications providers across the continent. Reported victims include Rwanda’s Broadband Systems Corporation, Uganda’s Ministry of Finance accessed via the Hanom1960 handle, and Tanzania’s Tanzania Telecommunications Company Limited (TTCL) in Zanzibar, indicating a focus on public sector institutions and critical infrastructure sectors such as broadband services and finance.

Observed tactics, techniques and procedures involve compromising web‑facing applications to gain access to internal systems, after which the actors exfiltrate data rather than deploying distinctive malware families. The disclosed intrusions have involved the acquisition of employee directories, email addresses, telephone numbers, job titles, and internal correspondence, as well as the extraction of username lists and password hashes from compromised websites. In the Uganda Ministry of Finance incident, the group stole data pertaining to 220 government employees, while the TTCL breach exposed details for tens of thousands of purported employees and site users, including credential hashes. No specific malware, exploit kits, or command‑and‑control infrastructures are described in the available material.

Attribution to the World Hacker Team is consistently tied to its role within Anonymous, with no evidence presented of state direction or organized criminal backing. Notable operations cited in open reporting include the #OpAfrica‑driven intrusion into Broadband Systems Corporation’s backend in Rwanda, the Hanom1960‑mediated breach of Uganda’s Ministry of Finance, and the TTCL data dump in Tanzania/Zanzibar that prompted subsequent denials and duplicate‑record analyses by the affected company. These incidents illustrate the group’s pattern of targeting governmental and state‑linked entities in African countries to publicize alleged abuses through the release of harvested data.

Incidents
Attributed incidents available to members
5 incidents
Sources
Sources available to members
4 sources