For about one year now, I’ve been covering the hacktivism of a self-identified Moroccan hacker known as ElSurveillance (@ElSurveillance on Twitter). Other media outlets have been starting to pay more attention to him recently, too.
As he had explained to me in December, ElSurveillance defaces and hacks sites advertising escort services or that have adult themes for religious reasons. Such services violate Islam, he tells me.
Out of all the hacks and hackers I have covered on this site, I think ElSurveillance’s activities are probably one of the purest examples of hacktivism that I have seen. I may not share his goals, but I never seen any indication of malice or greed on his part (I’m referring to ElSurveillance as “he,” but of course, I can’t know for sure). I’ve seen no evidence that he is using the data for any purpose other than trying to shame or force sites to stop what he considers to be morally unacceptable conduct. And occasionally, he diverts to other attacks, like his recent attempt to get the attention of a town in the UK that was vulnerable to SQLi.
This week, ElSurveillance contacted me to tell me about four of his more recent attacks and data leaks.
One leak consisted of 12,738 records containing username, email address, and passwords (all plaintext) from afrikadating.com. Because the site did not appear to me to be an escort service but rather, just a dating site, I asked him why he targeted it. In private communications on Twitter, he replied:
I’m after any site that claims to be providing any sexual services in the Islamic Countries, That site had around 33 profiles who claim to be providing sex services in Algeria, Tunisia, Egypt, I asked the admin to remove them, They refused, So I took Control of it, I removed these profiles and published the users login details.
He added:
I don’t usually go after these websites, But when they cross the line. They get punished.
In another incident, ElSurveillance attacked reaach.com and dumped a member’s table with 1,489 records with ID, username, email address, hashed passwords, and other personal details. As is this site’s policy, I am not linking to any of the data dumps, but inspection of this one revealed that some people uploaded pictures, resumes, and other personal information.
Reaach.com advertises itself as a one-stop business profiles site for the UAE. ElSurveillance informs DataBreaches.net that he had contacted REAACH a few months ago about some escort profiles on their web sites. “They removed them but only from the search engine and not from their database,” he stated. Inspection of the leaked database confirmed that there were still such listings in there.