Threat actor group Dark Hell 07x, in collaboration with Jokeir 07x and Dr. Shell 08x, has claimed responsibility for a coordinated cyberattack on several high-profile financial platforms in Tunisia. The breaches affected commercial banks, government infrastructure, and training institutions in the country’s financial sector.
Affected platforms:
- bt.com.tn – Banque de Tunisie (BT)
- finances.gov.tn – Tunisian Ministry of Finance
- btknet.com – BTK Bank
- abf.tn – Academy of Banking and Finance (ABF)
According to the videos shared by the group on their Telegram channel, they have access to:
- Bank account dashboards with names, balances, and recent transactions
- Investment data and eBanking interfaces
- Internal admin panels belonging to banks and government entities
- Subdomains of finances.gov.tn including:
account,auth,adeb-fournisseurs,teledeclaration,gitlab.intra,mail, andshare
Dark Hell 07x claims full access to backend and frontend infrastructure, with no detection during the intrusion. The group is advertising stolen data for sale, including:
- Full database for $4,000
- Bank account data file for $2,000
- Individual account access starting from $100
None of the affected organizations has released no official statement as of the time of this publication.
This campaign marks a significant escalation in financially motivated attacks on North African digital infrastructure. Tunisia’s banking ecosystem appears to have suffered simultaneous breaches that include:
- Commercial banking systems
- National tax and finance platforms
- Training and regulatory bodies
If verified, this breach has potential implications for account security, digital identity, and national financial trust.