A threat actor going by Jokerir_07x, along with an affiliate named Dr. Shiels 08x, has claimed responsibility for encrypting and defacing the website of CyberSoft.tn, a Tunisian cybersecurity service.
The attack involved the deployment of Dark 07x Ransomware, with a ransom demand of $1,000 USDT for website recovery. Victims are instructed not to rename files and to request the decryption key by contacting the attacker.
This is a high-profile takedown targeting a local cybersecurity firm that demonstrates the attackers’ technical ability and growing confidence. It also signals possible internal targeting or retaliatory motives against Tunisian cyber infrastructure.
CyHawk Africa urges firms across Tunisia to verify their backups, assess network access logs, and review ransomware readiness. This incident highlights how even cybersecurity platforms can become prime targets.
We will continue monitoring the activities of Jokerir_07x and affiliated groups.