A stark cybersecurity report released by Kaspersky in collaboration with INTERPOL has revealed that Morocco faced a massive wave of cyberattacks during the 2025 Africa Cup of Nations (Afcon). According to the investigation, over 2.1 million digital identities, including passwords and login credentials, were stolen and are currently circulating on dark web forums.
The attacks were coordinated to exploit the high digital traffic and fan enthusiasm surrounding the tournament. Hackers utilized a multi-pronged approach, deploying fraudulent ticketing websites, fake streaming links, and counterfeit mobile apps designed to harvest personal data. A significant portion of the theft was carried out using sophisticated “infostealer” malware, such as Lumma, RedLine, and Vidar, which silently infect devices to scrape banking details and browser cookies.
Beyond financial fraud, the report—conducted under the international Project Stadia initiative—also identified a surge in “hacktivism.” Security analysts tracked nearly 300 messages inciting DDoS attacks and website defacement. This digital onslaught is being viewed as a critical “stress test” for Morocco’s cybersecurity infrastructure as the nation prepares to co-host the FIFA World Cup 2030, highlighting that digital sovereignty is now a vital component of hosting major global events.
