Anonymous Africa – the hackers who are taking on South Africa
Inside Anonymous Africa - the group of hackers who took down the SABC, the Guptas and the EFF
AT around 2pm on Wednesday (6 July) a Tweet was posted by an account linked with ‘hacktivist’ group Anonymous Africa saying they had joined the fray in Zimbabwe by shutting down several government websites.
By 10pm that night, the websites were still down.
Anonymous Africa described it as their longest operation, a direct response to the Zimbabwean government shutting down access to WhatsApp as violent protests rage on in the country.
https://twitter.com/zim4thewin/status/750661944009515008
Last month they took down the Economic Freedom Fighters and several SABC websites, as well as a number of sites linked to companies owned by the controversial Gupta family.
Yet, they don’t have a catchy slogan or a mission statement.
But they watch every move and listen to every speech and very possibly, private conversations.
An image of government agents sitting with large earphones in the back of a van springs to mind, but they are not a government ‘security’ agency hiding under a clandestine veil.
They are Anonymous Africa – a group of hackers who say they hack for a good cause.
And they are not happy.
https://twitter.com/zim4thewin/status/743104280371036161
In 2013, the group who operate the Twitter account @zim4thewin, claimed responsibility for an attack on the ANC’s website.
It had been nearly three years since a major ‘operation’ of this nature, but on Sunday, 12 June, the group succeeded in taking down the SABC’s websites, including their main portal and the web presence of radio stations such as 5FM and SAFM.
AA described it as the largest attack of its kind to ever hit South Africa.
On Monday 13 June, Anonymous asked Twitter followers who they would target if they had their resources.
The EFF emerged as the next victim.
Soon after, the eff.org.za domain was unreachable.
But how does one track down a group of people whose sole purpose is to remain anonymous, and have successfully managed to do so for more than three years?
You create an encrypted email account, send an email to the account posted on their Twitter feed, and say ‘Hi’.
‘Hacktivist’ movement
After making contact, a series of questions were sent to them, and this is what I learned:
‘We don’t really have a mission statement. No catchy slogan beyond which all Anons use,’ they said.
An Anon is someone who forms part of the global Anonymous ‘hacktivist’ movement, which states categorically that anyone who believes in Anonymous and wants to be a part of it, is.
‘We are just a group of people from several countries in southern Africa who are sick and tired of the injustice.
https://twitter.com/zim4thewin/status/742371548124852224
‘We take tools that are usually used for destructive purposes, redesigning them to be more constructive.’
Anonymous Africa has over the years attacked a number of state run websites and news outlets – Zimbabwe’s Ministry of Defence, revenue authority and the state-run Herald newspaper.
‘It was Independent Online, now an ANC mouthpiece, that ran a story idolizing Mugabe that woke us up. How far have we fallen as societies that such evil is worshiped?’ asked Anonymous.
‘After that, we decided to remind everyone that it was Mugabe who was responsible for a genocide of over 20 000 Ndebele in Zimbabwe, and the world still has not held him or those involved accountable. So this is one issue we will keep pushing until there is at least an attempt at justice.’
The decision by SABC COO Hlaudi Motsoeneng to no longer broadcast images of protesters burning property drew much criticism from South African political parties and even the South African Editors Forum.
‘It was the recent clampdown at the SABC and the wholesale looting of South Africa by the corrupt ANC government that reminded us both of Apartheid and the fall of Zimbabwe under Mugabe.
https://twitter.com/zim4thewin/status/741978844794638336
‘People were upset, but even the expression of that unhappiness has been censored.
‘So we decided to show the SABC there are some things they cannot censor.
‘We are not the solution, but perhaps we can play a small part in galvanizing the people to be the solution’
‘It also gives people a voice who do not have a voice, as you can see by public opinion. Everyone but the ANC and SABC are supporting us.
‘We are not the solution, but perhaps we can play a small part in galvanizing the people to be the solution.’
The SABC confirmed at the time their websites were hacked.
‘Our guys have found that there are people who hacked our system,’ said SABC spokesperson Kaizer Kganyago.
Kganyago said an investigation would take place and further called the hackers ‘cowards’, saying they had attacked a ‘national key point’.
Anonymous Africa felt the statement came from Motsoeneng himself.
‘The head of the SABC calling us cowards is irrelevant. He is corrupt. We take his insults as seriously as Hillary is offended by what Trump thinks of her. It is more an accolade than an indictment.
‘We also have to ask, who is the bigger coward? The people hiding behind their computers to form harmless protests or the person who is protecting thieves at the expense of the South African people so he can earn a fat pay check?”
‘We want to protest, not destroy.’
At the time they said their work is not yet done and they Tweeted that more was to come.
Last Wednesday they delivered on that promise by not only taking down Zimbabwe government websites, but also Tweeting a guide as to how one could bypass the WhatsApp shutdown.
What they do
Many people hear the term ‘computer hacker’ and an image of someone typing furiously on a laptop comes to mind.
So how do you shut down a website without damaging the servers it runs on?
Anonymous uses an attack vector called ‘DDOS’ (Distributed Denial of Service), which has become a type of calling card for the movement around the globe.
Using their attack on the SABC as an example, Anonymous took me through the process.
‘Imagine there is a freeway (the Internet connection) to the SABC data center.
‘What we do is send billions to trillions of ‘cars’ down that freeway to create a traffic jam. We never enter the targets’ network. We protest it.
When we stop there is no damage. The traffic disappears and legitimate cars can get in.
‘If like the SABC you try to fix an attack, you break your own system even further.’
This method was chosen as it is, according to AA, the most non-intrusive form of ‘hacktivism’ that causes no lasting damage.
Through the use of around 20 command and control servers that are all connected to a botnet Anonymous has created, one of 30 attack methods which has been used in every attack so far is initiated.
‘Though the use of DNS (Domain Name System) reflection and amplification, we are able to amplify the number of cars we send down the highway tenfold.’
‘We send out billions of requests for DNS results, pretending to be from our targets IP.
‘Our target then gets sent a lot of information it did not ask for, too much for it to handle.’
The result? The website becomes unreachable by users who wish to access it.
Anonymous Africa readily volunteered to prove to me they were indeed responsible by targeting a website under my control.
Needless to say, the only question that now remains – who or what is next?
WATCH: A message from Anonymous Africa posted on YouTube
