Moroccan Hackers Steal Gift Cards from Global Companies

A group of Moroccan hackers has launched a global cybercrime campaign. Their goal is to infiltrate corporate systems and steal digital gift cards worth thousands of dollars.

Cybersecurity researchers describe the campaign as organized, stealthy, and highly professional. These attackers rely on social engineering rather than malware to compromise internal systems and avoid detection for months.

How the Attacks Begin

The attackers start by sending phishing emails or fake Microsoft 365 login pages to employees. Once a victim enters their credentials, the hackers gain full access to the company’s internal environment.

They then explore platforms such as SharePoint and OneDrive to locate files or systems connected to gift card management. After identifying the right infrastructure, they manipulate the process to generate or redeem fraudulent cards.

Long-Term Access Without Malware

Unlike typical cybercriminals, these Moroccan hackers avoid using malicious software. Instead, they exploit legitimate user access to stay invisible.

In one documented breach, the attackers remained inside a company network for nearly ten months. During that time, they compromised more than 60 user accounts and expanded their control across multiple systems.

They also used hijacked WordPress servers to host malicious links disguised as legitimate corporate domains, making detection even harder.

Why Gift Cards Are the Perfect Target

Gift cards are easy to sell and almost impossible to trace. Because they hold real monetary value, they offer a quick and unregulated payoff.

Cybercriminals can also launder stolen funds by reselling the cards on underground markets, leaving minimal digital evidence behind.

How Companies Can Respond

Organizations should strengthen access management and implement strict identity verification. Regular monitoring of systems that handle financial or voucher operations is essential.

Employee awareness training is equally important. Teaching staff to recognize phishing and social engineering attempts can prevent initial breaches.

Conclusion

The Moroccan hackers gift cards campaign highlights a growing cybercrime trend: exploiting trust instead of deploying malware. Companies must improve defenses, enhance monitoring, and prioritize security education to protect their digital assets.