A notorious threat actor operating under the alias Jabar00t has claimed responsibility for a large-scale cyberattack targeting Morocco’s National Agency for Land Conservation, Cadastre, and Cartography (ANCFCC).
The incident was disclosed through a post on a well-known dark web forum, where Jabar00t publicly released samples of the stolen data and declared the breach to be politically motivated.
HackManac broke the news first on X.
Scope and Severity of the Breach
The cybercriminal claims to have exfiltrated an astonishing 4 terabytes of sensitive data, including:
- Over 10 million property certificates in PDF format.
- More than 4 million personal documents, such as:
- ID cards
- Passports
- Civil status records (birth/marriage/death certificates)
- Real estate documents (sale/purchase deeds, cadastral data)
- Banking and financial records
The leak also reportedly includes confidential files tied to senior Moroccan officials and VIPs, most notably Mohammed Yassine Mansouri, Morocco’s head of foreign intelligence.
The compromised data was showcased alongside a large image bearing the word “HACKED” across the ANCFCC’s official logo and branding, indicating full access and compromise of internal systems.
Political Context Behind the Breach
Jabar00t stated that the hack was a direct response to Moroccan media’s alleged anti-Algerian propaganda, particularly articles suggesting that France might freeze assets belonging to Algerian officials.
The attacker claims that the breach is both a retaliation and a warning, exploiting geopolitical tensions between Morocco and Algeria to justify the cyberattack.
“Given these political tensions… We considered the aforementioned propaganda an unjustified interference and an opportunity to once again attack Algeria on the international scene,” the post reads.
The same threat actor was responsible for the hack of Morocco’s National Social Security Agency (CNSS) a few months ago.
Background on the ANCFCC
The ANCFCC was established in 2002 and operates under Morocco’s Government.
It is responsible for the national cadastre and cartography functions and consists of 53 agencies distributed across Morocco’s provinces.
The agency plays a pivotal role in land registration, ownership verification, and urban planning, making it a critical institution for Moroccan civil infrastructure.
Implications and Concerns
This data breach raises serious national security and privacy concerns, not only due to the volume of exposed personal data but also due to the high-level political ramifications. Experts warn that the release of such documents could lead to:
- Identity theft and financial fraud
- Blackmail and political targeting
- Diplomatic tensions between Morocco and Algeria
Update: Official Response From General Directorate of Information Systems Security (DGSSI)
After investigations, The General Directorate of Information Systems Security (DGSSI), an authority responsible for information systems security incident and response, has reported the attack didn’t compromise the systems of ANCFCC but rather tawtik.ma.
Tawtik.ma is operated by the National Council of Notaries and has some form of connection to ANCFCC systems. As a result, the Authority says they’ve taken the platform (tawtik,ma) offline to correct the vulnerabilities identified that allowed the exfiltration of the data.
About Author
