Phineas Fisher Fingered: Hacking the Turkish Government

A notorious hacker has claimed responsibility for hacking Turkey’s ruling party, the AKP, and stealing more than 300,000 internal emails and other files.

The hacker, who’s known as Phineas Fisher and has gained international attention for his previous attacks on the surveillance tech companies FinFisher and Hacking Team, took credit for breaching the servers of Turkey’s ruling party, the Justice and Development Party or AKP.

“I hacked AKP,” Phineas Fisher, who also goes by the nickname Hack Back, said in a message he spread through his Twitter account recently.

The hacker didn’t provide any definitive evidence to support his claims, but he posted a link to a series of stolen files totaling more than 100 gigabytes.

Recently WikiLeaks began publishing emails stolen from the party of the Turkish President Recep Tayyip Erdogan. The anti-secrecy organization led by Julian Assange said it recently received the files from a source “who is not connected, in any way, to the elements behind the attempted coup [in Turkey], or to a rival political party or state.”

That source, it appears, was none other than Phineas Fisher.

“What better way to celebrate the release of VICE's Cyberwar than by attacking a NATO member?” Phineas Fisher told me in an email, referring to VICELAND’s new documentary series on hacking and cybersecurity, which this week featured an exclusive interview with the hacker.

Phineas Fisher explained in his message that he attacked AKP “because I support the society people are trying to build in Rojava and Bakur, and they're being attacked by Turkey,” referring to two Kurdish anti-capitalist autonomous regions, which are located between Turkey and Syria. ”I don't see leaking as an end in itself, so I was talking with people in Rojava and Bakur to see how best to use the access I'd gotten.”

”I don't see leaking as an end in itself, so I was talking with people in Rojava and Bakur to see how best to use the access I'd gotten.”

Earlier this year, the hacker claimed to have robbed a bank in a cyber heist and sent 10,000 euros in bitcoin to the Rojava Plan, an organization that promotes “gender liberation, direct democracy, and a free and ecological society” in Rojava.

The hacker hinted that there was some sort of miscommunication when WikiLeaks received the files, and the organization jumped the gun in publishing them.

“To be fair to WikiLeaks, they didn't know I was still in AKP's network downloading files at the time they announced they were publishing,” Phineas Fisher wrote in his message. “But they did know that the source who had given them the file was asking them to wait.”

WikiLeaks did not immediately respond to a request for comment. And Phineas Fisher declined to answer more questions regarding the hack.

The leak is being hosted also by the independent security researcher Thomas White, also known as TheCthulhu.

After the publication of the emails recently, Turkey reacted by blocking WikiLeaks. How they’ll react to this new, apparently more extensive leak, remains to be seen.

Motheboard

 

 

« Deep Mystery: Looking For MH370
DDoS Attacks Shuts Down Pro-ISIS Websites »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perforce Software

Perforce Software

Perforce helps companies build complex software products more collaboratively, securely, and efficiently.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

Willis Towers Watson

Willis Towers Watson

Willis Towers Watson is a global risk management, insurance brokerage and advisory company. Services offered include Cyber Risks insurance.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

Quadrant Information Security

Quadrant Information Security

Quadrant Information Security is a consulting firm committed to supporting organizations in all vertical markets and protecting their sensitive data.

Industrial Networking Solutions (INS)

Industrial Networking Solutions (INS)

INS Services specializes in designing, deploying and providing on-going support for critical OT (Operational Technology) and IIoT (Industrial Internet of Things) networks.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

Fudo Security

Fudo Security

Fudo Security is a leading provider of privileged access management and privileged session monitoring solutions.

Boxphish

Boxphish

Boxphish provides a proven solution to reduce Human Error and Cyber Human Risk via automated learning journeys and intelligent phishing simulations.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Kaine Mathrick Tech (KMT)

Kaine Mathrick Tech (KMT)

KMT deliver comprehensive cyber-first outsourced technology support and solutions that scale with your business.

Staris

Staris

Human based defense is dead. Staris is reinventing application security for an increasingly AI driven world.

Atlantica Digital

Atlantica Digital

Atlantica design and create highly innovative software solutions and solid, scalable and secure IT infrastructures for a constantly evolving market.