Thursday, October 17, 2024

Today's explosion in Mogadishu led to death of up to 15 people

 : 

Abdihakim, a police officer, was among those killed in the Alshabaab explosion at General Kaahiye Police Academy in Mogadishu.




Alshabaab claims it killed 15 soldiers, including officers, in today's explosion in Mogadishu, which also left 12 wounded. The group also reported that the number of SNA soldiers killed in clashes yesterday near Eldher district in



Galgadud has risen to 36.

A militant from Al-Shabaab istishhadi brigade claims carried out an attack on the Police Militaria School headquarters in the Xamar Jajab district of Moqadishu, which serves as a base for the police forces. AS military command takes credit for the attack.
Among those killed in the explosion at Scuola Di Polizia was Abwaan Sugaal Cabdulle, a long-standing member of the Heegan group of the Somali Police Force for over 40 years.

Abwaan Sugaal was a renowned poet, composer, and singer. One of his most famous songs was “Leyla.”

Bi-Weekly Counter-Terrorism Intelligence Brief for East and Central Africa (Somalia, Mozambique, and DR-Congo): Tracking Islamic State Terrorists for the period of 1st October- 15th October 2024


Bi-Weekly Counter-Terrorism Intelligence Brief for East and Central Africa (Somalia, Mozambique, and DR-Congo): Tracking Islamic State Terrorists for the period of 1st October- 15th October 2024

Executive Summary

Between October 1 and October 15, 2024, significant developments in counter-terrorism efforts were observed across Mozambique, the Democratic Republic of Congo (DRC), and Somalia. In Mozambique, the situation remains precarious, with the resurgence of violence from Islamic State Mozambique (ISM) despite ongoing military operations by Rwandan forces. The recent uptick in clashes has heightened local fears and underscores the complexities of stabilizing Cabo Delgado, particularly after years of insurgency.


In the DRC, the Armed Forces of the Democratic Republic of Congo (FARDC) achieved notable successes against the Islamic State Central Africa Province (ISCAP). Collaborative military efforts with the Uganda People’s Defense Forces (UPDF) have demonstrated potential, yet the ongoing violations against children, including abductions and recruitment, complicate the security landscape and call for urgent humanitarian interventions.



Somalia presents a contrasting challenge, as the Islamic State has doubled its presence, raising concerns about the group’s growing influence and capacity to attract foreign fighters. The survival of its leader, Abdulqadir Mumin, after a U.S. airstrike indicates the resilience of the organization amidst a volatile environment.


Overall, while there are notable military advancements in combating terrorist threats, the simultaneous rise in violence and recruitment activities signals a concerning lull in effective counter-terrorism strategies. The necessity for a multi-faceted approach that includes humanitarian support, community engagement, and long-term stability initiatives is critical to countering these escalating threats across the region.


MOZAMBIQUE

04th Oct- Suspected ISM militants captured and executed a Christian resident in Man’Guna in Palma, Cabo Delgado Province.

14th Oct– ISM militants claimed that they detonated two explosive devices on patrols of the Mozambican and Rwandan armies, between the villages of Manica and Napala, in the Macomia district, which damaged an armored vehicle and injured several soldiers.

14th Oct– Farmers from Macomia, in Cabo Delgado, reported intense clashes in recent days between the military and alleged terrorist groups operating in the region, causing fear among the population.

D.R. CONGO

01st Oct– ISCAP militants captured and executed a Christian in Mambelenga, Ituri Province.

01st Oct- FARDC said that they killed 27 ISCAP fighters, captured 37 others and freed hostages in the Biakato forest in Mambasa territory during the month of September in Ituri.

03rd Oct– ISCAP militants captured and executed 15 Christians, in Anditongo, Mambasa, Ituri Province.

03rd Oct– at least 10 people killed after ISCAP militants led armed assault on the Christian Village, of in Ofaye Otto Maber, Ituri Province.

13TH Oct– Three ISCAP fighters were killed and an AK-47 weapon was recovered during clashes with FARDC-UPDF coalition near the towns of Mangadi and Mabutuwa, in the Bapere sector, Lubero territory.

07TH Oct- ISCAP militants attacked the villages of Makilima and Makoko in the chiefdom of Babila Babombi (Mambasa territory), where they killed at least three civilians.


ANALYSIS AND INSIGHTS

Mozambique

Rwanda recently sent additional reinforcements to Mucojo in Macomia District, Cabo Delgado, Mozambique. This deployment is part of Rwanda’s ongoing military operations to combat the Islamist insurgency that has plagued the region since 2017. The reinforcements, estimated at around 500 troops, are expected to establish a new base in the coastal town of Mucojo, which has seen frequent clashes between Mozambican forces and insurgents. The move comes amid a resurgence of violence by insurgent groups, some of which are linked to Islamic State.


The European Union recently approved a €20 million aid package to support Rwandan forces deployed in northern Mozambique. This financial backing comes after lengthy negotiations in Brussels, where Rwanda agreed to ensure the funds would be used exclusively for operations in Cabo Delgado. The money will primarily assist in the logistics and equipping of Rwandan troops, who have been vital in combating insurgents in the region since their deployment in July 2021. This support aligns with the EU’s broader commitment to counter-terrorism and restoring stability in Mozambique, a region that has seen increased violence due to Islamist insurgencies. Rwanda had been financing its own military operations in Mozambique, and this aid from the EU comes as a crucial boost to sustain these efforts.



After five months of closure of health facilities in Macomia District due to the terrorist attack on May 10 this year, the health facility at the District headquarters has finally reopened. The reopening brings relief to the local population, who were facing serious difficulties in accessing essential medical care. This milestone represents a new chapter for residents, especially pregnant women, who were forced to give birth in precarious and dangerous conditions in their own homes.


Somalia

Islamic State in Somalia has approximately doubled in size over the past year, with numbers increasing from an estimated 200 fighters to around 400, according to AFRICOM commander Gen. Michael Langley. He expressed concern over ISIS’s growing presence in northern Somalia, particularly in Puntland, and warned about the possibility of the group increasing its foreign fighter numbers. Abdulqadir Mumin, the leader of ISIS in Somalia, survived a U.S. airstrike in May and is now considered a credible potential global leader of ISIS. The expansion of ISIS in Somalia poses a growing threat, especially as it seeks to exploit regional instability alongside al-Shabab, another militant group in the country. Concerns are mounting about ISIS attracting more foreign fighters and collaborating with other extremist elements.


DRC

ISCAP has emerged as a significant perpetrator of violence against children in the Democratic Republic of the Congo (DRC), with 37 documented violations in August 2024. This is according to a report by the United Nations Joint Human Rights Office (UNJHRO) and MONUSCO’s Child Protection Section. The group’s involvement in abductions, recruitment of child soldiers, and other grave violations reflects its long-standing strategy of terrorizing local populations, particularly in the eastern provinces like North Kivu and Ituri. The ISCAP’s increasing use of children not only fuels their insurgency but also deepens instability in the region. Their connection to transnational terror networks, including alleged ties to ISIS, complicates efforts to counter their influence, making them a major concern for both local and international actors seeking to stabilize the region.


The joint assessment of Shujaa operations by the Armed Forces of the Democratic Republic of Congo (FARDC) and the Uganda People’s Defense Forces (UPDF) on October 10-11, 2024, highlighted significant advances against the ISCAP. Lieutenant-General Kayanja Muhanga emphasized the need for ongoing collaboration to combat the ISCAP and its affiliates, particularly the ISCAP terrorist faction.



Lieutenant-General Kayanja Muhanga’s remarks underline the importance of continued cooperation between the DRC and Uganda to tackle not only the ISCAP but also its affiliated groups, specifically the ISCAP terrorist faction. This commitment, reinforced by the recent meeting between military leaders, reflects a broader geopolitical strategy to restore stability in the region, which has been plagued by violence and humanitarian crises. The collaboration signals a recognition of the interconnectedness of regional security and the necessity for sustained military and intelligence efforts. However, the effectiveness of these operations will depend on the ability to maintain momentum and adapt strategies to address the ISCAP’s evolving tactics. Continued support from both governments will be crucial in ensuring a long-term resolution to the threat posed by the ADF and its affiliates.


Conclusion

The period from October 1 to October 15, 2024, reflects a complex landscape of counter-terrorism efforts and rising threats in East and Central Africa. Despite recent military successes in the DRC and Rwanda’s renewed commitment in Mozambique, the activities of IS affiliates highlight a troubling lull in effective counter-insurgency operations.


In Mozambique, the resurgence of violence and civilian casualties underscores the fragility of military gains and the urgent need for comprehensive strategies that encompass not only military action but also community engagement and humanitarian support. The European Union’s financial assistance is crucial but must be coupled with clear objectives to ensure its effectiveness in stabilizing Cabo Delgado.



In the DRC, while military collaboration shows promise, the exploitation of children by ISCAP remains a grave concern that undermines the region’s security and social fabric. The documented violations signal an escalating humanitarian crisis that demands immediate attention and intervention from local and international actors.


Finally, in Somalia, the doubling of IS forces presents a significant challenge to regional stability, particularly with the potential for ISIS to forge alliances with al-Shabab. This evolving threat necessitates a multi-faceted approach involving intelligence sharing, enhanced military coordination, and counter-radicalization efforts to address the root causes of extremism.


In summary, while there have been notable military successes against terrorist groups, the observed lull in effective counter-terrorism measures and the ongoing recruitment of fighters call for a renewed focus on comprehensive strategies that address both immediate security needs and long-term stability in the region. The current dynamics in East and Central Africa reflect a troubling intersection of military successes and rising threats from Islamic State affiliates. The urgency for cohesive strategies that integrate military efforts with humanitarian and community-based approaches is paramount. Only through sustained collaboration among regional actors and comprehensive initiatives can the region hope to navigate the complexities of counter-terrorism and restore lasting peace and stability.

How safe are our ATMs here?Anew variant of the FASTCash malware, previously known to target Windows and AIX systems, has now been identified targeting Linux-based payment switches.


FASTCash, first documented by U.S. CISA in 2018, has been linked to a series of ATM cashout schemes targeting banks in Africa and Asia since at least 2016, and has been developed by the notorious North Korean state-backed hacking group known as Lazarus (aka Hidden Cobra).

The malware operates by compromising payment switch servers, which are crucial components of a bank’s infrastructure responsible for processing card transactions. These systems handle the flow of transaction data between acquirers (the banks that enable merchants to accept payments), issuers (the banks that provide cards), and card networks like Visa and Mastercard. By targeting these payment switch servers, the malware disrupts the entire transaction process, making financial institutions vulnerable to fraud.

FASTCash for Linux uses Ubuntu Linux 22.04 (Focal Fossa), C++ programming language, AES-128 CBC encryption, and a hardcoded key to protect the configuration file.

A researcher, using the handle HaxRob, discovered two new samples of FASTCash for Linux switches in June 2023, one compiled for Ubuntu Linux 20.04 and likely developed after April 21, 2022, and the other likely not used. As of Sunday, only four anti-malware engines detected each sample.

HaxRob explains that the malware is present in the userspace of an interbank switch. When a compromised card is used for fraudulent translation, FASTCash manipulates messages received from issuers, causing transaction messages for denies to be converted to approvals.

The Linux variant of FASTCash is disguised as a shared object file named “libMyFc.so.” It specifically targets ISO 8583 messages – the standard format for communication within payment networks, intercepting declined transaction messages, typically triggered by insufficient funds, for a predetermined list of cardholder accounts. 

It then manipulates these messages, authorizing them for a random withdrawal amount in Turkish Lira, ranging from 12,000 to 30,000 Lira ($350 to $875). This modus operandi mirrors a Windows variant of FASTCash identified by the Cybersecurity and Infrastructure Security Agency (CISA) in September 2020.

For targeted transactions, the malware modifies the authorization response message by:

  • Removing specific data elements to avoid detection.
  • Overwriting the processing code to indicate approval.
  • Adding a random amount of Turkish Lira to the transaction amount.
North Korean Hackers Deploy Linux FASTCash Malware for ATM Cashouts
Attack flow chart

This expansion highlights the increasing sophistication and persistence of North Korean cyberattacks aimed at financial institutions and the need for enhanced security measures in payment switch systems.

Organizations should implement robust detection capabilities, regularly update software, configure security controls, patch and update systems, implement strong network security, conduct regular audits, and educate staff on phishing and social engineering risks to stay protected.

The US DoJ indicts two Sudanese nationals allegedly behind Anonymous Sudan for over 35,000 DDoS attacks targeting critical infrastructure, hospitals, and major tech firms.

 The FBI seized a powerful DDoS tool; victims include the DOJ, Microsoft, and Cedars-Sinai.The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting “tens of thousands” of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally.The Alleged Masterminds Behind the Attacks are:Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers.The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE’s Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group.The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles.The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.FBI Seized Anonymous Sudan’s DDoS ToolFor your information, DCAT refers to a type of malicious tool or framework that exploits cloud resources across multiple geographic locations to execute cyberattacks. These tools often take advantage of the scalability, distribution, and on-demand nature of cloud services to create strong attack infrastructures.According to the DoJ’s press release, in March 2024, the U.S. Attorney’s Office and the FBI, acting on court-authorized seizure warrants, successfully disabled and seized Anonymous Sudan’s “powerful DDoS tool.” This tool, which the group allegedly used to execute attacks and sold as a service to other criminals, was the base of their operations.The March 2024 operation, which disrupted the DCAT tool (also known as “Godzilla,” “Skynet,” and “InfraShutdown”), involved seizing key components, including servers that launched and controlled attacks and those that relayed commands. The warrants also covered accounts containing the source code for the DDoS tools.“Anonymous Sudan sought to maximize havoc and destruction against governments and businesses around the world,” stated United States Attorney Martin Estrada. He emphasized the group’s callousness, noting attacks on hospitals providing emergency care. “We are committed to safeguarding our nation’s infrastructure and holding cybercriminals accountable,” he added.Operation PowerOFFThese actions are part of Operation PowerOFF, an international effort to dismantle DDoS-for-hire infrastructures active since 2018. Private sector entities like Akamai SIRT, Amazon Web Services, Cloudflare, and Microsoft have played a key role in the takedown since.Akamai SIRT expressed gratitude to the FBI, DOJ, and the Big Pipes working group for their commitment to prioritizing DDoS investigations and disrupting these operations.“Akamai would like to thank the members of the Federal Bureau of Investigation (FBI), the DOJ, and the Big Pipes working group for their commitment to prioritizing DDoS investigations, as well as their investment of time and energy into unravelling these operations and attempting to disrupt them,” the company said.

Wednesday, October 16, 2024

UK boosts support for ATMIS with 7.5M Pounds.

 


The United Kingdom has provided a further £7.5 million to the African Union Transition Mission in Somalia (ATMIS). This latest round of funding builds on earlier contributions and increases the total amount of financial support from the United Kingdom to both ATMIS and AMISOM since 2021 to £77 million. ATMIS plays a vital role in Somalia’s security, protecting key areas including population centres, supply routes and infrastructure. It continues to support the Somali National Army in joint operations, facilitating humanitarian aid, and safeguarding political processes including elections. 


UK funds have enabled ATMIS to improve Somalia’s security by combatting al-Shabaab and reducing the group’s influence. ATMIS troops also provide protection for Somali civilians as they work to ensure a more stable and secure Somalia to the benefit of its people and the region. The new funding will fund military stipends for troops from the five troop-contributing countries (Burundi, Djibouti, Ethiopia, Kenya and Uganda), and will help ATMIS to complete its mandate of a phased handover of security responsibilities to the Somali Security Forces. The activities of ATMIS are crucial to Somalia’s journey towards security and stability, but these require consistent international support.


British Ambassador to Somalia, Mike Nithavrianakis, said of the new funding:


The UK is a close and longstanding partner of Somalia and a leading donor to ATMIS. By supporting ATMIS, we are not only investing in Somalia’s security today but also in its stability and prosperity tomorrow. I encourage traditional and non-traditional partners to financially support the successor mission to ATMIS to ensure a secure and stable future for all Somalis and the region.


Somalia’s Defence Minister, Abdikadir Mohamed Nur, welcomed UK support, noting:


This funding is critical in supporting the efforts of ATMIS and Somali security forces. We appreciate the UK’s continued partnership in rebuilding a safer and secure Somalia. The continued support of our partners will remain vital as we work towards a sustainable security environment in our country.


The African Union (AU) Commissioner for Political Affairs, Peace and Security (PAPS), H.E. Ambassador Bankole Adeoye also expressed gratitude for the UK’s contribution and emphasised the importance of continued international support:


I wish to sincerely thank the British Embassy for its continued support to the AU and for this generous and timely £7.5 million contribution to ATMIS. We urge other partners to follow the UK’s example and invest in Somalia’s security to ensure lasting peace and stability in Somalia and the wider region.


This latest contribution reinforces the UK’s continued commitment to Somalia’s security and stability for a safer and more prosperous future, while also ensuring regional stability.

UN Security Council Resolution (2748) adopted on 16 August 2024 authorises African Union Member States to continue to deploy up to 12,626 uniformed personnel - inclusive of 1,040 police personnel, to ATMIS until 31 December 2024.

Tuesday, October 15, 2024

Nyamulagira getting to eruption


 Proffessor Charles Balagizi, scientific director of the OVG, specified that "the eruption consists of an overflow of lava from its crater, these lavas flow on the northern, western and southwestern flanks."


He added that the latest satellite images show three lava flows forming, the most advanced having already traveled about 7 km.


"Since , around October 13, 2024 at around 22:00 local time, a glow has been observed at Nyamulagira, a consequence of this eruptive activity in the crater which is spreading on its flanks," said Professor Balagizi.


This eruption comes as OVG agents threaten to resume a total strike if the military governor of North Kivu does not respect the commitments made during a recent meeting. Some agents, who had agreed to provide a minimum service, express their concerns about the situation.


The population of Goma remains marked by the eruption of Nyiragongo in May 2021, which caused 32 deaths and destroyed several hundred homes. This eruption coincides with the International Day for Disaster Risk Reduction, highlighting the urgency of proactive management of natural disasters in the region.

Sunday, October 13, 2024

Rwanda and DRC agree on a harmonized plan to neutralize the FDLR

 DRC and Rwanda reached an agreement on Saturday, October 12, on the activities and responsibilities contained in the harmonized plan for the neutralization of the Democratic Forces for the Liberation of Rwanda (FDLR) and the disengagement of forces.


This agreement is the result of the ministerial meeting between the two countries, facilitated by Angola, which took place on Saturday in Luanda, (Angola). This agreement also provides for the lifting of Rwanda's defense measures, specifies a press release from the Congolese Ministry of Foreign Affairs.


 


To this end, the parties have mandated experts to draw up a detailed plan for the implementation of the Harmonized Plan, the report of which will have to be analyzed at the next ministerial meeting to be held on a date to be agreed, adds the same source.


During the meeting, the ministers reviewed the latest events since their last ministerial session on September 14, 2024, and urged the parties to the conflict to respect the ceasefire of August 4 this year.


Finally, the ministers also agreed to continue working on the pending security issues contained in the draft peace agreement proposed by the facilitator, Angolan President João Lourenço, Angop reports.  


Rwanda, whose armed forces are present in the DRC in support of the M23 rebels, "  makes its withdrawal from Congolese soil conditional on the neutralization of the FDLR  ," the head of Congolese diplomacy revealed to the UN Security Council in New York on October 8.


This agreement reached on the harmonized plan for the neutralization of the FDLR and disengagement of forces is an important step in the peace process between the two countries. 


The Congolese delegation at this meeting was led by Therese Kayikwamba Wagner, Minister of State for Foreign Affairs, International Cooperation and Francophonie. The Rwandan side was led by its Minister of Foreign Affairs and International Cooperation, Olivier Nduhungirehe. The mediation was represented by Tète António, Angolan Minister of External Relations.


The DRC and Rwanda have been in dialogue for several months under the mediation of Angola to find a definitive solution in terms of peace and security in the East of the DRC and in the Great Lakes sub-region.


Kinshasa accuses Kigali of supporting the M23 rebellion which occupies several localities in the province of North Kivu, in the east of the DRC, following a war it has been waging there for more than a year.


Kigali, in turn, accuses its neighbour of collaborating with the FDLR rebels who have taken refuge on its soil for more than a decade, in the aftermath of the Rwandan genocide.

According to some intellugence sources,the Rwanda gorvement is expected to give a list of FDLR  whom it expects resides in  DRC,and seen by many as a hard task.

Thursday, October 3, 2024

A motor boat capsizes in kivu,killing 2 and 1 missing.A boat leaving Bukwidja for Bukavu capsized in kivu killing 2 people,1 missing a


 This motor boat left Bukwidja for Bukavu at around 1 pm ,but it capsized killing 2 people,1 is missing and 17 have been rescued!!




....just wait,you will hear this news groups reporting about this.......

Is it true that 75% of M23 is made up of Rwandan soldiers?

I have been troubled by this claim for over a week...Is thus this the 450 who are claimed to have deserted and taken refuge to Uganda!! Is true that they are here in Uganda or just mere propaganda of the Western powers!


Listen and watch


SADC army officers already in Goma to assess the offensive against M23


Watch the video above

Today's explosion in Mogadishu led to death of up to 15 people

 :  Abdihakim, a police officer, was among those killed in the Alshabaab explosion at General Kaahiye Police Academy in Mogadishu. Alshabaab...