Hacker Claims Responsibility For Turkey Attacks | Hacked: Hacking Finance

Hacker Claims Responsibility For Turkey Attacks


Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.


Bitcoin Giant Bitmain Enters the High Stakes AI Race 27th August, 2017

Three Country Exchange Traded Funds Offer Potential For Investors 27th August, 2017


Hacker Claims Responsibility For Turkey Attacks

Posted on .
This article was posted on Wednesday, 19:41, UTC.

Who is really behind the distributed denial of service (DDoS) attacks against Turkey’s Internet? Russia and Anonymous-branded social media accounts have been named as candidates, but an investigation by The Daily Dot indicates it was likely the work of a person who possessed powerful cyberweapons.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

The Daily Dot interviewed a person through encrypted messages who claims to be the culprit and was able to demonstrate their capabilities. The individual explained how they attacked Turkey’s Internet and said they were doing it on account of the country’s helping or ignoring ISIS.

The Biggest Cyberattack Ever

The DDoS attack on Dec. 14, which has been described as the biggest cyberattack ever, targeted NIC.tr., the server that registers domains with Turkey’s country code which serves as administrator of the country’s academic Internet.

The attack peaked at 40 Gbps, undermining the country’s Internet. Nameservers became overloaded and could not respond to normal visitor requests. Nearly all domains ending in “.tr” could not be reached.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

In response to the attack, NIC.tr administrators blocked all requests from outside of the country. This defensive action slowed the attacks, but emails sent to Turkish nameservers received an “unknown host” error. The blocking action left Turkey invisible to the rest of the world’s Internet for nearly a day.

Russia was immediately suspected as the culprit on account of Turkey’s downing a Russian jet near the Syria border. There is no evidence to support this suspicion.

CyberBerkut, a pro-Russian hacktivist group, was also suspected. This group, however, did not claim responsibility as it has following other attacks.

Anonymous Connection Rises

On Dec. 18, an Anonymous-branded account posted a YouTube video taking credit for the Turkish attacks as part of a campaign against Islamic State. On Dec. 23, a shorter version of the video replaced the original one.

The videos said they would not accept Turkey President Recep Tayyip Erdogan’s helping ISIS. The video justifies the attacks and cites evidence that the Turkish government is helping ISIS.

Despite Anonymous’ claims, there is no evidence the Anonymous-branded account has any connection to the DDoS attacks on Turkey’s Internet. There are other reasons to doubt such a connection.

Anonymous usually announces its attacks in advance rather than waiting for days following an attack to claim responsibility. When Anonymous does attack, it does so to infiltrate networks to leak and steal data, not just to launch DDoS attacks. There is no evidence the DDoS attacks in Turkey involve anything besides DDoS attacks.

There are also issues with the Anonymous-branded YouTube videos. The first video posted three months ago. Following a silence, the party behind the account began uploading videos about different Anonymous operations, which is unusual behavior.

Anonymous sources interviewed by the Daily Dot claimed the video is not related to the attacks. Two longtime Anonymous members suspected the account is connected to Anonymous “wannabees” seeking credit for the attack.

A New Suspect Claims Credit

The Daily Dot eventually identified an individual who provided few personal details but a lot of evidence suggesting they were behind the attacks.

The suspect demonstrated his or her capabilities during a conversation with The Daily Dot. The person was able to pull down Syria’s DNS servers for nearly 15 minutes. The Daily Dot posted a screenshot showing Syria’s DNS servers falling. The suspect was also able to attack jihadist and radical Muslim organizations’ websites simultaneously.

The attacker told The Daily Dot they paralyzed the NIC.tr by partly using a tactic called DNS Amplification Attack. Such an attack uses the system against itself to achieve a larger attack than normally possible. CloudFlare, a web services company that protects clients against DDoS attacks said a DNS Amplification Attack can be 50 times as powerful as other attacks.

Asked if he or she tested NIC.tr for particular weaknesses, the suspect told The Daily Dot this effort was experimental and that he or she learned the most effective methods on the fly.

The attacker did not reveal their nationality but said their motivation was political. The suspect said the Turkish government and its president were helping ISIS or ignoring the group. The attacker also said they were helping some Anonymous groups with an anti-ISIS campaign.

Also read: Russia claims Turkey’s president engages in illegal trade with ISIS

A Part-Time Anonymous Hacker

The suspect told The Daily Dot he or she does not work under Anonymous full-time, but occasionally works with different Anonymous teams and often works alone.

On Dec. 24, another attack wave besieged Turkey’s top banks. RedHack, a leftist hacktivist group in Turkey, claimed the bank attacks. Since RedHack is part of the Anonymous hacktivist group, some suspected a link between the bank attacks and the Anonymous videos claiming responsibility for the ongoing DDoS attacks in Turkey. RedHack, however, always claims credit for its attacks and did not claim credit for the attacks against NIC.tr.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.

There are no comments.

View Comments (0) ...
The team:
Dmitriy Lavrov
Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
Jonas Borchgrevink
Jonas Borchgrevink is the founder of Hacked.com and CryptoCoinsNews.com. He is a serial entrepreneur, trader and investor. He shares his own personal journey on Hacked.com. // -- Discuss and ask Read More
Mate Csar
Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
Mati Greenspan
Senior Market Analyst at Etoro.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
Rakesh Upadhyay
Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
Pamela Meropiali
Account Manager
Pamela Meropiali is responsible for users on Hacked.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
Joseph Young
Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
A root kit or rootkit is a software suite, most…