In Morocco, as in all countries fully integrated into the digital age, cybercrime is rampant, encompassing a variety of illegal activities that exploit devices, technologies, and computer networks. Fraud, scams, data theft, extortion, and child exploitation dominate the headlines.

Excesses on Social Networks

In recent years, numerous cases of cybercrime have been widely reported, highlighting their profound impact on society. A recent case involving the Instagram account “Nahidmonbb,” followed by nearly 100,000 followers and with posts reaching millions of views, is a perfect example. This account has been posting photos and videos of Moroccan women, including public figures, since last November.

These posts feature women in swimsuits or summer dresses, sometimes even at private parties. Influencers like Nouhaila Barbie (3.8M followers), Sofia Charaf (2M followers), and Btissam Batma (2.3M followers) have fallen victim to this.

Actress and model Rajoua Essahely, who is also highly followed (1.9M followers), was recently hospitalized in Casablanca due to depression caused by the distribution of sexually explicit videos with her ex-fiancé. These videos were widely shared online, worsening her condition.

Following the announcement of her hospitalization, the media quickly gathered testimonies. Loubna, a close friend of Rajoua, told Chouf TV that Rajoua was “deeply affected by the viral spread of photos and videos on platforms like Instagram, TikTok, and YouTube, which have circulated extensively throughout Morocco.”

However, our source continues, “the videos were private archives that Rajoua had never published or even kept on her phone.” Another friend, Chaimaa, condemned the threats and blackmail from what she calls a “mafia.” Rajoua filed several complaints as early as last November, but to date, no arrests have been made

Following in the footsteps of « Hamza mon bb »

This case undoubtedly echoes the « Hamza mon bb » scandal, which made waves online starting in 2016. It involved an anonymous Snapchat account specializing in gossip about Moroccan celebrities. The creator of this account frequently posted revelations about public figures and later targeted members of Marrakech’s civil society, as well as regional entrepreneurs.

In exchange for financial compensation, “Hamza mon bb” promised not to disclose compromising photographs or information, often fabricated from scratch. It was pure blackmail. Among the targets of these attacks, singer Saïda Charaf and her alleged connection with the Polisario were particularly highlighted. Originally from Laâyoune, she quickly responded to these allegations.

In 2019, she filed a civil lawsuit against singer Dounia Batma, accusing her of “defamation,” “blackmail,” and “illegal data processing.” Less than two years later, in 2021, nearly 70 complaints had been filed against the perpetrators of “Hamza mon bb.”

Police investigations revealed the involvement of several people. Some were tasked with creating a prostitution network, while others secretly photographed public figures to blackmail them. Among those convicted were Dounia Batma and her sister Ibtissam, both of whom received prison sentences. After exhausting all legal appeals, the singer spent her first night in detention on January 31st and was sentenced to one year.

2.5 terabytes of private life

Just a few days after the conclusion of this episode, another scandal erupted. On February 6, Amine Raghib, an IT consultant, revealed the existence of hundreds of gigabytes of sexually explicit photos and videos, stolen from phones, Snapchat accounts, and surveillance cameras in Morocco.

The issue began when several Moroccan women discovered photos of themselves, naked, in shared folders on Telebox, a massive storage platform similar to Google Drive. These folders were accessible via links shared in private Telegram groups dedicated to distributing sexual content leaks.

One of the victims then contacted Amine Raghib. “We initially discovered recordings of online sex workers doing live shows on apps like Tango and Bigo Live. We also came across packs of ‘nudes’ (naked photos) that some internet users use for commercial purposes. Then we found individuals who had been hacked, like the victim who contacted us, and who saw their photos leaked online,” the expert detailed to TelQuel in February.

He added that the folders also contained video recordings from surveillance or spying cameras hidden in rental properties. The victims included not only Moroccans but also Emiratis, Lebanese, Algerians, and others. “This case involves minors, human trafficking actors, individuals hacking surveillance cameras to film people without their knowledge, and hackers of accounts and phones. It’s very serious!” he warned.

From Oued Zem to Israel

In December 2023, the quiet town of Oued Zem, located in the Béni Mellal-Khénifra region, was shaken by a sextortion case revealed by the daily newspaper Assabah. A pregnant young woman, fleeing an abusive husband, took refuge in a local hotel.

Upon registration, the presentation of her national identity card revealed that she was wanted by the police for “fraud” and “blackmail.” By order of the Public Prosecutor, she was detained, suspected of having received up to 124 transfers from Israeli citizens and residents of Gulf countries, all victims of sextortion.

Her husband, an alleged accomplice, had devised a devious modus operandi: posing as a woman, he posted sexually explicit photos on a fake Facebook profile and encouraged his victims to undress on video. These recordings were then used to blackmail them, threatening to expose them if they did not comply.

A month after this arrest, the MAP news agency reported that the Oued Zem judicial police had dismantled a criminal network composed of three individuals, aged between 28 and 35: a defendant with a criminal record and a couple. Three mobile phones containing evidence of sexual blackmail operations were seized at the home of the first suspect.

The couple, who managed four money transfer agencies, was arrested in Benguerir. Evidence proving their involvement was also found on their mobile devices. Although it remains to be established whether this is the same case or not, this is not the first occurrence of such practices in Oued Zem. It was in this city that, as early as 2016, the majority of the 360 arrests related to sextortion in Morocco had taken place.

Several Banks Targeted

In addition to individuals, the banking sector has also been targeted by cyberattacks in recent years. CIH, Bank of Africa, and Al Barid Bank have frequently found themselves in the crosshairs of cybercriminals.

According to the Cyber Threat Assessment Report for Africa, published in March 2023 by Interpol, Morocco has become the country most affected by attacks orchestrated through malware.

According to the Cyber Threat Assessment Report for Africa, published in March 2023 by Interpol, Morocco has become the country most affected by attacks orchestrated through malware, particularly banking Trojans and information stealers. These threats « represent one of the most serious dangers, both for individual security and for the IT infrastructures of organizations, due to their ability to cause significant damage if not detected in time, » warns the international criminal police organization.

According to Interpol, banking Trojans and information stealers can be installed manually or remotely through social engineering techniques, such as emails containing malicious links or attachments. Once installed, they collect personal information from the infected computer and transmit the stolen data to a remote server controlled by the cybercriminal.

In 2022, more than 18,000 malware detections were reported in Morocco. South Africa ranks second with 6,560 detections, followed by Nigeria with 5,366, Cameroon with 1,462, and Algeria with 691. A rather unenviable first place that Morocco would have preferred to avoid.

Written in French by Ghita Ismaili and Younes Saoury, edited in English by Eric Nielson.