On Monday, May 22, the poll they launched on Twitter went almost unnoticed. “A massive and brief electronic cyberattack on Senegalese cyberspace for justice???? “, they ask their 1,600 subscribers on the social network. 134 votes and four days later the @MysteriousTeamO account gave their answer.
On the evening of Friday, May 26, dozens of official Senegalese sites were taken out of service. Among them, that of the Presidency of the Republic. "After verification, it is a DDoS attack [attack by denial of service]", reacted in the wake of Abdou Karim Fofana, the spokesperson for the Senegalese government. The national company, Senegal Digital SA, in charge of the government's web infrastructure, announces that it has restored the sites concerned a few hours later. But on Sunday, the presidency site was again temporarily blocked.
Contacted by Le Monde, the organization of the "Mysterious Team" assures that "all its members" are Bangladeshi and has carried out DDoS attacks, intended to saturate Web servers with a large number of requests, its specialty. It claims to have carried out "numerous operations" since 2020. But while the "pro-Islamist hacktivist group", as it calls itself, has so far focused most of its attacks on India and Israel, it has "publicly started attacking many other countries in 2022," he explains.
Before Senegal, Ethiopia suffered its actions in early May. The hackers accused Addis Ababa of "supporting Jews, Israel and torturing Muslim women". However, their attacks did not have the same echo there as in Senegal where the "Mysterious Team" does not sulk its pleasure.
A connection to Senegal?
“This is a group that wants to be in the spotlight. He relays all their actions on their Telegram channel to brag about it, ”explains Clément Domingo. The Franco-Senegalese cybersecurity expert, known by the pseudonym "SaxX", closely followed the hackers' "non-critical impact" actions.
It is difficult to identify the link between this group which calls itself Bangladeshi and Senegal. The country ruled by President Macky Sall was only mentioned by 'Mysterious Team' social media accounts days before the attacks began. "We told them [Senegalese leaders] that they had to respond to the demands of the innocent, stop killing and torturing people and publicly apologize for everything", explained the pirates interviewed by Le Monde, claiming to act "to justice for any country".
An account, linked to the "Mysterious Team", seems closer to Dakar. Anonymous (@YourAnonStory), followed by more than 50,000 people on Twitter, is regularly mentioned by the "Mysterious Team". Known to the Senegalese Twittersphere, the profile is particularly critical of power. He became particularly talkative about Senegalese news from March 2021 and the arrest of Ousmane Sonko, one of the main opponents. The arrest of the leader of the African Patriots of Senegal party for work, ethics and fraternity (Pastef) sparked riots that left fourteen people dead.
The latest attacks by the "Mysterious Team" take place while Mr. Sonko is in a very delicate position: on June 1, the verdict of the trial in which he is prosecuted for repeated rapes will be known and could make the main opponent ineligible for the February 2024 presidential election. “We are in contact with Anonymous. They are our brothers,” the Bangladeshi hackers told Le Monde, refusing to “say more about it. »
The scale of the attacks is cause for concern
The famous collective Anonymous has however become more a name than a reality on the Internet. On social networks, dozens of accounts bear the same name without it being possible to verify their authenticity. "That's what's interesting, anyone, any entity can claim to be Anonymous," says Domingo. In a tweet, @YourAnonStory admitted to being a member of a "headless decentralized collective".
The "Mysterious Team" takes up the codes of Anonymous with a unique approach. "Noté", they respond on Saturday to an interpellation from a Twitter user asking them to attack the website of Futurs Médias, Senegal's largest private press group. The next day, the group's portal belonging to singer Youssou N'Dour, accused of being close to power, had become unavailable because of the "Mysterious Team". In a surprising series of tweets, these hackers then said they gave up on cyberattacks before reversing their decision. The reason: Internet users would accuse them of not being "real" and of being the instrument of a "plot" by the regime.
On Monday morning May 29, the La Poste website in France was the target of an attack claimed by the "Mysterious Team". A retaliatory measure against the tweets of the Franco-Senegalese researcher Clément Domingo who had qualified them the day before on Twitter as "scripts kiddies" ("mediocre pirates"). "French researchers" need to stop publishing "false information" about them.
The Bangladeshi group announced on Sunday a second wave of attacks to come. "The situation is under control", assured the same day the general management of Senegal Digital SA. But the scale of the latest past attacks is cause for concern. "In expert opinion, that's not really reassuring," says Domingo. "It raises real questions about the ability of the authorities to react" to actions of this type, he adds, calling for "vigilance", because "other groups of amateurs or professionals" could be tempted to take advantage of this "digital chaos".
