DAKAR (Reuters) - In Nouakchott, a dusty city wedged between the Atlantic ocean and western dunes of the Sahara, a young hip-hop fan coordinates a diverse group of hackers targeting websites worldwide in the name of Islam.
Logging on to his computer, he greets his Facebook followers with a “good morning all” in English before posting links to 746 websites they have hacked in the last 48 hours along with his digital calling card: a half-skull, half-cyborg Guy Fawkes mask.
He calls himself Mauritania Attacker, after the remote Islamic republic in west Africa from which he leads a youthful group scattered across the Maghreb, southeast Asia and the West.
As jihadists battle regional governments from the deserts of southern Algeria to the scrubland of north Nigeria, Mauritania Attacker says the hacking collective which he founded, AnonGhost, is fighting for Islam using peaceful means.
“We’re not extremists,” he said, via a Facebook account which a cyber security expert identified as his. “AnonGhost is a team that hacks for a cause. We defend the dignity of Muslims.”
During a series of conversations via Facebook, the 23-year-old spoke of his love of house music and hip hop, and the aims of his collective, whose targets have included U.S. and British small businesses and the oil industry.
He represents a new generation of Western-style Islamists who promote religious conservatism and traditional values, and oppose those they see as backing Zionism and Western hegemony.
In April, AnonGhost launched a cyber attack dubbed OpIsrael that disrupted access to several Israeli government websites, attracting the attention of security experts worldwide.
“AnonGhost is considered one of the most active groups of hacktivists of the first quarter of 2013,” said Pierluigi Paganini, security analyst and editor of Cyber Defense magazine.
An online archive of hacked Web sites, Hack DB, lists more than 10,400 domains AnonGhost defaced in the past seven months.
Mauritania, a poor desert nation straddling the Arab Maghreb and black sub-Saharan Africa, is an unlikely hacker base. It has 3.5 million inhabitants spread across an area the size of France and Germany, and only 3 percent of them have Internet access.
Much of the population lives in the capital Nouakchott, which has boomed from a town of less than 10,000 people 40 years ago to a sprawling, ramshackle city of a million inhabitants. In its suburbs, tin and cinderblock shanties battle the Sahara’s encroaching dunes and desert nomads stop to water their camels.
In the past six months experts have noted an increase in hacking activity from Mauritania and neighboring countries. In part, that reflects Mauritania Attacker’s role in connecting pockets of hackers, said Carl Herberger, vice president of security solutions at Radware.
“This one figure, Mauritania Attacker, is kind a figure who brings many of these groups together,” Herberger told Reuters.
Mauritania Attacker says his activities are split between cyber cafes and his home, punctuated by the five daily Muslim prayers.
Well-educated, he speaks French and Arabic among other languages and updates his social media accounts regularly with details of the latest defacements and email hacks. He would not say how he made a living.
His cyber threats are often accented with smiley faces and programmer slang, and he posts links to dancefloor hits and amusing Youtube videos. But his message is a centuries-old Islamist call for return to religious purity.
“Today Islam is divisive and corrupt,” he said in an online exchange. “We have abandoned the Koran.”
Mauritanian Attacker aims to promote “correct Islam” by striking at servers hosted by countries they see as hostile to sharia law. “There is no Islam without sharia,” he said.
Mauritania is renowned for its strict Islamic law. The sale of alcohol is forbidden and it is one of only a handful of states where homosexuality and atheism are punished by death.
The quality of Mauritania’s religious scholars and koranic schools, or madrassas, attract students from around the world. Mauritanians have risen to prominent positions in regional jihadist groups, including al Qaeda’s north African branch AQIM.
As hackers from the region organize into groups, the Maghreb is emerging as a haven for hacktivism as it lacks the laws and means to prosecute cyber criminals, Herberger said.
“There’s a great degree of anonymity and there’s a great degree of implied impunity,” he said.
Security sources in Nouakchott said they were not aware of the activities of Mauritania Attacker.
He says he supports Islamists in Mauritania but opposes his government’s support for the West, which sees the country as one of its main allies in its fight against al Qaeda in the region.
With tech-savy young Muslims in the Maghreb chafing under repressive regimes, analysts anticipate a rise in hacktivism.
Hacking is a way for young people to express religious and political views without being censored, says Aaron Zelin, fellow at the Washington Institute.
“These societies are relatively closed in terms of people’s ability to openly discuss topics that are taboo,” he said.
For disillusioned youth in countries like Mauritania, where General Mohamed Ould Abdel Aziz seized power in a 2008 coup before winning elections the next year, hacking has become “a way of expressing their distaste with status quo,” Zelin said.
JURY OUT ON GROUP‘S REACH
AnonGhost’s global reach is its greatest weapon, but it has yet to stage a major attack on a Western economic target.
Most of AnonGhost’s campaigns have simply defaced Web sites, ranging from kosher dieting sites to American weapon aficionado blogs, with messages about Islam and anti-Zionism.
It has attacked servers, often hosting small business websites, located in the United States, Brazil, France, Israel and Germany among others.
Mauritania Attacker and the AnonGhost crew say these countries have “betrayed Muslims” by supporting Israel and by participating in the wars in Afghanistan and Iraq.
“We are the new generation of Muslims and we are not stupid,” read a message posted on the Web site of a party supply business in Italy. “We represent Islam. We fight together. We stand together. We die together.”
The team has also leaked email credentials, some belonging to government workers from the United States and elsewhere.
As part of a June 20 operation against the oil industry, carried out alongside the international hacking network Anonymous, Mauritania Attacker released what he said were the email addresses and passwords for employees of Total.
A spokesperson for the French oil major did not immediately respond to requests for comment.
One security expert said AnonGhost’s attacks exploited “well-known vulnerabilities in configurations of servers” in target countries rather than going after high-profile companies.
Carl Herberger, vice president of security solutions at Radware, remains unconvinced AnonGhost has the technical skills to wage full-scale cyber terrorism by harming operational capabilities of companies or government agencies.
“The jury is still out,” he said, but cautioned against underestimating the emerging group. “You’re never quite sure what they’re going to do on the offensive, so they have to be right only once and you have to be right always.”
Additional reporting by Laurent Prieur in Nouakchott; editing by Daniel Flynn and Philippa Fletcher