Cyber Incident Victim: Muslim Brotherhood
Date:
Jun 2016
Location:
Egypt
Summary
The Muslim Brotherhood's official website and its affiliated political party's site experienced distributed denial-of-service (DDoS) attacks by a hacker known as SkyNetCentral, causing both platforms to go offline despite protective measures. The attacker additionally compromised parts of the group's database, leaking previously undisclosed data including commenters' IP addresses, email exchanges, and names, though no highly sensitive information was accessed. SkyNetCentral publicly justified the attacks by equating the organization with extremist groups, claiming ideological opposition as the motive.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On June 16, 2016, a hacker using the alias SkyNetCentral executed distributed denial-of-service (DDoS) attacks against the official website of the Muslim Brotherhood (Al-Ikhwan al-Muslimun) and the affiliated Freedom and Justice Party’s website. The attacks overwhelmed both sites despite their use of CloudFlare’s DDoS protection services, forcing them offline. SkyNetCentral additionally breached the Muslim Brotherhood site’s security infrastructure, extracting data from its database tables. The compromised data included IP addresses, email correspondence, user comments, and commenters’ names and IP addresses. Independent verification by HackRead confirmed the authenticity of the leaked data, which had not previously been exposed publicly. The breach appeared limited to non-sensitive information, with no evidence of financial records or personally identifiable data beyond commenter details.
SkyNetCentral publicly released the stolen data, enabling potential geolocation tracing of commenters through their IP addresses, though the article noted this would require technical expertise. On June 17, the attacker cited their motivation via Twitter, equating the Muslim Brotherhood with ISIS. The attacks disrupted the organization’s online presence and exposed operational communications but did not compromise critical systems or sensitive user data. No defensive actions or restoration efforts by the Muslim Brotherhood were documented in the available sources following the incident.