Phineas Fisher Fingered: Hacking the Turkish Government

A notorious hacker has claimed responsibility for hacking Turkey’s ruling party, the AKP, and stealing more than 300,000 internal emails and other files.

The hacker, who’s known as Phineas Fisher and has gained international attention for his previous attacks on the surveillance tech companies FinFisher and Hacking Team, took credit for breaching the servers of Turkey’s ruling party, the Justice and Development Party or AKP.

“I hacked AKP,” Phineas Fisher, who also goes by the nickname Hack Back, said in a message he spread through his Twitter account recently.

The hacker didn’t provide any definitive evidence to support his claims, but he posted a link to a series of stolen files totaling more than 100 gigabytes.

Recently WikiLeaks began publishing emails stolen from the party of the Turkish President Recep Tayyip Erdogan. The anti-secrecy organization led by Julian Assange said it recently received the files from a source “who is not connected, in any way, to the elements behind the attempted coup [in Turkey], or to a rival political party or state.”

That source, it appears, was none other than Phineas Fisher.

“What better way to celebrate the release of VICE's Cyberwar than by attacking a NATO member?” Phineas Fisher told me in an email, referring to VICELAND’s new documentary series on hacking and cybersecurity, which this week featured an exclusive interview with the hacker.

Phineas Fisher explained in his message that he attacked AKP “because I support the society people are trying to build in Rojava and Bakur, and they're being attacked by Turkey,” referring to two Kurdish anti-capitalist autonomous regions, which are located between Turkey and Syria. ”I don't see leaking as an end in itself, so I was talking with people in Rojava and Bakur to see how best to use the access I'd gotten.”

”I don't see leaking as an end in itself, so I was talking with people in Rojava and Bakur to see how best to use the access I'd gotten.”

Earlier this year, the hacker claimed to have robbed a bank in a cyber heist and sent 10,000 euros in bitcoin to the Rojava Plan, an organization that promotes “gender liberation, direct democracy, and a free and ecological society” in Rojava.

The hacker hinted that there was some sort of miscommunication when WikiLeaks received the files, and the organization jumped the gun in publishing them.

“To be fair to WikiLeaks, they didn't know I was still in AKP's network downloading files at the time they announced they were publishing,” Phineas Fisher wrote in his message. “But they did know that the source who had given them the file was asking them to wait.”

WikiLeaks did not immediately respond to a request for comment. And Phineas Fisher declined to answer more questions regarding the hack.

The leak is being hosted also by the independent security researcher Thomas White, also known as TheCthulhu.

After the publication of the emails recently, Turkey reacted by blocking WikiLeaks. How they’ll react to this new, apparently more extensive leak, remains to be seen.

Motheboard

 

 

« Deep Mystery: Looking For MH370
DDoS Attacks Shuts Down Pro-ISIS Websites »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

Zerto

Zerto

Zerto provides enterprise-class disaster recovery and business continuity software specifically for virtualized data centers and cloud environments.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

ACROS Security

ACROS Security

ACROS Security is a leading provider of security research, real penetration testing and code review for customers with the highest security requirements.

RUSCADASEC

RUSCADASEC

RUSCADASEC is an independent non-profit initiative on developing the open Russian-speaking international community of industrial cyber security/ICS/SCADA cyber security professionals.

Institute of Informatics and Telematics (IIT)

Institute of Informatics and Telematics (IIT)

IIT carries out activities of research, assessment, technology transfer and training in the field of Information and Communication Technologies and of Computational Sciences.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

Charities Security Forum (CSF)

Charities Security Forum (CSF)

The Charities Security Forum is the premier membership group for information security people working for charities and not-for-profits in the UK.

CyberForum

CyberForum

CyberForum supports businesses from the IT and high-tech industry in all stages of their development: from startup consulting to professional staffing and even location marketing campaigns.

High Security Center (HSC)

High Security Center (HSC)

High Security Center provide real-time threat protection. We protect your company from targeted and persistent attacks using technologies such as Machine Learning and Behavioral Analysis.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

Sealing Technologies (SealingTech)

Sealing Technologies (SealingTech)

SealingTech is a leader in cutting edge research, products, engineering, and integration services in the Internet of Things, Edge, Machine Learning, Artificial Intelligence, and Cloud.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

Aikido Security

Aikido Security

Aikido is the no-nonsense security platform for developers. Secure your code, cloud, and runtime in one central system. Find and fix vulnerabilities automatically.

DefensX

DefensX

DefensX turns your go-to browser into a secure digital workspace paired with robust Web Data Loss Protection and AI Data Protection.