On September 3, 2025, several Moroccan government portals were allegedly targeted in a coordinated Distributed Denial-of-Service (DDoS) attack. The campaign, attributed to pro-Algerian hacktivist groups, Keymous, comes in direct retaliation for recent cyber incidents involving Algeria.
The attackers claimed responsibility across Telegram channels, highlighting Morocco as the primary target.
Affected Websites
The following portals were observed to be inaccessible during the attack window:
- Official Government Portal (alhoukouma.gov.ma)
- Prime Minister’s Office
- Finance & Budget Ministry
- Industry & Trade Ministry
- Infrastructure & Transport Ministry
- Media & Public Information Ministry
- Public Health & Hospitals Ministry
- Ministry of Agriculture
- Ministry of Employment
- Ministry of Tourism
- Maroc Telecom
Technical checks showed repeated HTTP 522/525 errors and timeouts across multiple international nodes, confirming widespread service disruption.
Keymous framed the operation as retaliation, stating:
“In reply to cyberattacks against Algeria, today we visited Morocco.”
This statement underscores the escalating cyber tensions between the two neighboring countries, where hacktivist groups are increasingly engaged in reciprocal campaigns.
CyHawk Africa Assessment
- Attack Type: DDoS (Distributed Denial-of-Service)
- Impact: Temporary disruption of major Moroccan government and telecom services
- Attribution: Pro-Algerian hacktivist groups (self-claimed)
- Risk: Rising likelihood of reciprocal or escalatory attacks, targeting both government and private sector infrastructure
Disclaimer: This report is based on alleged threat actor claims. CyHawk Africa does not verify or confirm the authenticity of such claims and bears no intent to defame. Content is for awareness and defensive purposes only.