The Great Liberian Hacking Scandal – Who’s the operator that employed the arrested hacker?

13 October 2017

Top Story

Connoisseurs of African telecoms mysteries might like to apply their minds to this one: who was the Liberian telecoms operator who paid a hacker to take down its competitor? Russell Southwood rakes over the few known facts about the case.

On 21 July 2017, a British man admitted in a German court to staging a large-scale cyber attack on Deutsche Telekom last year, saying he was acting for a Liberian client.

According to a report in The Guardian in the UK, the November attack in Germany hijacked about 900,000 routers and briefly stopped their owners getting online, affecting about 1.25 million Deutsche Telekom customers. The Bonn-based company estimated the cost of the attack to have been more than €2m (£1.79m).

The man, who went under the online pseudonym “Spiderman”, said he had taken on the commission for a fee of $10,000 (£7,700) because he wanted to marry his fiancee and needed money for a “good start into married life”.

The Liberian telecommunications company that commissioned the attack had not asked him to hack Deutsche Telekom, the man said, but he wanted to create a “botnet”, a worldwide network of hijacked machines, with which to knock out a competing business via a further attack.

So-called “distributed denial of service” attacks are designed to knock sites and servers offline by sending them more data than they can handle. The man claimed he had only found out via the media that routers in Germany had switched themselves off after the attack.

Even though “Spiderman” has had no specialist IT training, he said in court he was the sole architect of the attack and that another person had helped him cover his traces online afterwards. The 29-year-old, who grew up and went to high school in Israel, said he had merely done “a couple of programming courses” but not completed a degree on the subject.

In the aftermath of the hacking attacking in November 2016, a spokesperson for Deutsche Telekom said: “The malware was badly programmed, it didn’t function properly and didn’t do what it was meant to do. Otherwise the consequences of the attack would have been a lot worse.”

The 29-year-old described as "the worst mistake of my life" the attack that knocked more than a million German households offline in November and added his motivation was money.

Liberia was the subject of a completely unrelated Botnet attack in October 2016 by Mirai, which was particularly effective because it harnessed infected, internet-connected devices such as DVR players and digital cameras. A second attack was carried out in November 2016.

According to Kevin Beaumont, a security expert who has been closely monitoring attacks using Mirai botnets. “We’re seeing attacks over 600gbps [gigabits per second] aimed at two companies which co-own the only fibre going into [Liberia],” Beaumont told the Guardian, adding that during the attacks websites inside the country are rendered unavailable outside as well. “The recent attacks ... are huge in volume – among the most amount of traffic internet has seen.”

We have had conversations with those familiar with the case who have named the telecoms operator that commissioned this hacker and the company it was targeting. Does anyone have any further information on this case as it raises serious issues about cyber-security and the use of hackers by operators? Was this an isolated case of someone locally taking it upon themselves to do this or something that was approved by the company at a higher level?


Digital Content Africa is a fortnightly e-letter covering TV and film, music, social media, media, digital advertising and other digital content and services. It’s essential reading for anyone interested in Africa’s digital transition. We have already produced 96 issues and these can be viewed on this link:

Typical Top Stories will keep your finger on the pulse and have included:

Tecno’s Boomplay Music app attracts 12.5 million users across Africa for music and video, with around 8% time-based payment for content

Summview’s white label VoD and streaming platform designed for Africa is winning over mobile operators and audiences

iflix plans to turn African VoD market on its head and projects 2 million users in two years, local commissions under way

Deezer Next initiative promotes four emerging artists in South Africa with global playlisting strategy and a live event

Kwesé TV signs distribution deals with Africa’s mobile operators for Kwese Play Roku box and mobile streaming – 40% of channels exclusive

If you would like to subscribe, just send an email to with Digital Content Africa in the title line.

Smart Monkey TV is our web TV channel that tracks what Africa’s Creators and Innovators are saying and doing. It now has 1847 subscribers. The latest video clip interviews that are relevant for you are below. Subscribe by clicking on this link:

Jehiel Oliver, Hello Tractor on how his start-up pivoted from manufacturing to data collection

Andy Jarvis, CIAT on the 4 things making Big Data in agriculture possible in Africa

Shola Adekoya, Konga on what's changed over the last 4 years and launching Konga Daily

Okechukwu Ofili on e-publishing start-up Okada Books, its authors, readers and raising funds

Jim Teicher on CyberSmart's all-in-one edtech device trialing in Senegalese schools

Keke Lebaka on how African food giant Promasidor uses social media to talk to its consumers

Alpesh Patel on Africa's original start-up Mi-Fone, the hip-hop telecoms brand and why it failed

Abiola Olaniran, Gamsole on partnering with MTN Nigeria on his game Gidi Run

Digital strategist Jesse Oguntemehin on influencer marketing in Nigeria

Zimbabwe Nigel Mugamu on how 263Chat challenges mainstream media's way of telling the story

Thabo Dabengwa, ReelAfrican on its short-form mobile comedy content shot on an iPhone 7