Cyber Incident Victim: Anonymous

In late 2017, a hacker group identifying as Daeshgram executed a disruptive operation against ISIS (referred to as Daesh) by infiltrating the terrorist organization’s communication networks. The hackers focused on undermining ISIS’s propaganda apparatus, particularly its official news outlet Amaq, which ISIS supporters used via Telegram to recruit and radicalize members. After months of studying ISIS’s digital infrastructure, Daeshgram created counterfeit Amaq websites designed to mirror the legitimate ones. These fake sites contained pornographic material and messages mocking ISIS’s ideology, intentionally diluting the credibility of Amaq’s content. One notable action involved altering an ISIS announcement video about a new media center in Syria; Daeshgram inserted explicit scenes into the footage, which depicted ISIS soldiers appearing to watch pornography during the supposed official broadcast. The hackers also orchestrated distributed denial-of-service (DDoS) attacks against Amaq, flooding its servers with traffic to temporarily take the site offline.

The operation caused significant disruption within ISIS’s online ecosystem. ISIS leadership responded by instructing supporters to distrust all Amaq links, triggering internal conflicts among members who debated the authenticity of the compromised content. According to Daeshgram, some ISIS members deleted others from communication groups amid accusations of spreading fraudulent material. The hackers noted that even after ISIS flagged their fake links, curiosity drove additional supporters to click on them, amplifying the confusion. Daeshgram publicly documented these activities through a dedicated Twitter account, highlighting their objective to induce paranoia and erode trust within ISIS networks. The group explicitly stated their intent was not only to disrupt operations but to damage the perceived reliability of Amaq as a propaganda tool, a tactic that reportedly generated measurable infighting among ISIS adherents.