CCTA’s Statement Regarding the End of the Raid of al-‘Adnani
Yesterday, May 10, 2017, the Caliphate Cyber Terrorism Army (CCTA) hacker group, formerly known as the Cyber Caliphate Army (CCA), released an official statement in which it announced the end of the raid named after Islamic State spokesman, Abu Mohammad al-‘Adnani, who was killed on August 30, 2016. The announcement stated that the campaign had focused on the social network, Facebook, from three perspectives: First, through the closing of accounts belonging to Rafidi (a derogatory term for Shi’ites) and infidels by reporting these accounts as containing inappropriate content, such as nudity. In this way, the group reported that 1,843 pages had been closed and removed from the network. Second, through the hacking and defacement of Facebook pages belonging to infidels. The group reported having hacked 376 such pages. Third, through the targeted hacking of Facebook pages, especially against spies. The group went on to thank all of the soldiers who participated in this work and its members asked that Allah consider the achievements of their work favorably. Finally, the group asked all of its soldiers to use their methods to take part in the next campaign, which will soon be announced.
The banner of the CCTA campaign named after ‘Adnani
Screenshots were posted on the group’s Telegram account as proof of the aforementioned breaches of Facebook accounts. At least 20 different users contributed to the joint effort and transferred such images to public sharing by the group’s operatives. Through a sample check of the hacked accounts, the Cyber Desk discovered that one account, whose owners publish content in English and Hindi, has 76 “friends”; another account has 12 “friends”, some of whom are of Bengali origin; and at least two other accounts with names of American-English origins are completely blank – no profile picture, no posts and not even one “friend”. There is no doubt that the level of hacking is very basic and relies on the ease of the breach rather than on the abilities of the hackers. It is quite possible that at least some of the accounts that the group claimed to have hacked were, in fact, fictitious accounts that were created under various user names in order to place the group’s "signature" on them, thereby crediting the group for a breach that did not occur.
The CCTA announcement that was published on the groups’s Telegram account