Hackers have allegedly taken down the official website for managing e-visa applications and related services for travelers wishing to enter Morocco.
As of this writing, the Accès Maroc website remains down. Accès Maroc is Morocco’s official online platform for processing electronic visa (eVisa) applications for eligible travelers. The attack was claimed by the Keymous+ hacking group, according to a post they made on their Telegram channel.
While the group calls itself “North African hackers”, security researchers at Radware believe otherwise. Recent findings by Radware reveal that the hacker group lacks prioritization in their target selections.
According to the threat intelligence company, Keymous+ has claimed over 700 attacks in 2025 spanning across dozens of countries and sectors. Government websites appear to be their primary target, followed by telecom, finance, and the manufacturing sector.
Countries most targeted by Keymous+ in 2025 include India, France, Morocco, the United States, and Denmark. Morocco and Egypt seem to be the preferred destinations of Keymous+ in “North Africa”.
Keymous+ Recent Attacks on Morocco
Over the past few weeks, the hacker group has claimed multiple attacks on services in Morocco.
On September 3, Keymous+ claimed an attack on the website of the following victims:
- Portal of the Moroccan Government
- Prime Minister of Morocco
- Ministry of Economy and Finance of Morocco
- Ministry of Industry and Trade of Morocco
- Ministry of Equipment and Transport
- Ministry of Youth, Culture and Communication
- Regional Directorate of Transport and Communications of La Libertad
Two days later (September 5), they claimed an attack on the website of CIH Bank (formerly Crédit Immobilier et Hôtelier), a major Moroccan retail bank headquartered in Casablanca.
On September 6, the threat actors announced attacks on the websites of the following:
- Ministry of Digital Transition and Administrative Reform
- Royal Air Maroc
- Ministry of Higher Education, Research & Innovation
- Ministry of National Education, Vocational Training, Higher Education and Scientific Research
- CURSUSSUP
- University of Al Quaraouiyine
- Chouaïb Doukkali University
- Mohammed I University
- Sultan Moulay Slimane University
- Université Internationale de Casablanca
- Université Internationale d’Agadir
According to Radware, most of the operations of the Keymous+ hacking group, in 2025 focus on Distributed Denial-of-Service (DDoS) attacks.
This reflects the organizational structure of the group. They operate as a dual team named “Alpha Team” and “Beta Team.” The “Alpha Team” is responsible for breaches and leaks but is currently inactive, while the “Beta Team” focuses on DDoS operations.
While the website of Accès Maroc remains down, there is no official confirmation of the attack.
Also read:
- Morocco Names Abdellah Boutrik as New Cybersecurity Head
- Morocco’s CNSS Data Breach Exposes Millions in Suspected Political Cyberattack
- Massive Data Breach Hits Morocco’s Land Conservation Agency in Politically Charged Cyberattack
About Author
