Cyber Threat Actor: Mauritania Hacker
| Actor Type | Location | Known Incidents |
Activist
|
Mauritania
|
1 incident |
|---|
Profile
The threatactor is publicly known by the alias Mauritania Hacker and is reported to operate from Mauritania.
This actor is linked to the Anonghost hacking collective, which claimed responsibility for activities under the Anti-#CharlieHeBdo banner.
The association with Anonghost places the actor within a loosely affiliated hacktivist milieu that emerged around early 2015.
No further details about the actor's internal structure or sponsorship have been disclosed in open sources.
In the incident dated 21 January 2015, the actor targeted three French government websites, including one belonging to the Ministry of Defense.
The selection of targets indicates a focus on governmental entities within France, reflecting a regional emphasis on French state infrastructure.
The objective of the operation was disruption, as the attackers altered the public-facing content of the sites without attempting to exfiltrate data.
The defacement did not involve data theft, and the modifications were quickly noticed, leading to a rapid response from national cybersecurity agencies that shut down the affected platforms.
No evidence of financial gain or espionage motives has been presented in the reporting of this event.
The initial access vector identified in the reporting was the exploitation of outdated content management systems powering the compromised sites.
Following access, the actor employed straightforward web defacement techniques to modify visible pages, a tactic consistent with the tooling style of many hacktivist groups.
No malware families or custom tooling were mentioned in the available sources, limiting the description to the observed defacement methodology.
Attribution remains confined to the link with Anonghost; no state nexus or criminal consortium affiliation has been publicly established.
This incident constitutes the only publicly reported operation attributed to the actor.
