Hacktivist group, Hider_Nex, with affiliates from Keymous Plus, has allegedly carried out a large-scale cyber campaign targeting multiple high-profile government and institutional websites across Egypt.
According to posts shared on underground Telegram channels, the group claims to have successfully disrupted access to several key Egyptian portals, including the Egypt Government Portal, Ministry of Foreign Affairs, Ministry of Health and Population, Egyptian Tax Authority, Egyptian Electricity Holding Company, Environmental Affairs Agency, and the Central Agency for Public Mobilization and Statistics (CAPMAS).
The alleged attacks extended beyond government ministries to include critical service providers and educational institutions. Targets reportedly included Orange Egypt, the official electronic portal of Benha University, and the Industrial and Mining Projects Implementation Authority (IMPA).
The full list of the targets is:
- Egypt Government Portal
- Ministry of Foreign Affairs
- Ministry of Health and Population
- Egyptian Tax Authority
- Egyptian Electricity Holding Company
- Egyptian Environmental Affairs Agency (EEAA)
- Central Agency for Public Mobilization and Statistics (CAPMAS)
- Ministry of Manpower and Immigration
- National Authority for Remote Sensing and Space Sciences
- Orange Egypt
- Official electronic portal of Benha University
- Industrial and Mining Projects Implementation Authority (IMPA)
Evidence of downtime for these services was shared in the form of Check Host reports, suggesting that the sites were temporarily unreachable during the attack period. While no direct confirmation has been issued by the affected institutions, the timing and scale of the disruptions point to a coordinated campaign.
Hider_Nex and its affiliates framed the cyberattacks as politically motivated, describing them as part of a broader digital protest campaign. This incident follows a pattern of hacktivist-driven disruptions targeting governments across the region, often involving a mix of website defacement, denial-of-service attacks, and public exposure of vulnerabilities.