Phineas Fisher Fingered: Hacking the Turkish Government

A notorious hacker has claimed responsibility for hacking Turkey’s ruling party, the AKP, and stealing more than 300,000 internal emails and other files.

The hacker, who’s known as Phineas Fisher and has gained international attention for his previous attacks on the surveillance tech companies FinFisher and Hacking Team, took credit for breaching the servers of Turkey’s ruling party, the Justice and Development Party or AKP.

“I hacked AKP,” Phineas Fisher, who also goes by the nickname Hack Back, said in a message he spread through his Twitter account recently.

The hacker didn’t provide any definitive evidence to support his claims, but he posted a link to a series of stolen files totaling more than 100 gigabytes.

Recently WikiLeaks began publishing emails stolen from the party of the Turkish President Recep Tayyip Erdogan. The anti-secrecy organization led by Julian Assange said it recently received the files from a source “who is not connected, in any way, to the elements behind the attempted coup [in Turkey], or to a rival political party or state.”

That source, it appears, was none other than Phineas Fisher.

“What better way to celebrate the release of VICE's Cyberwar than by attacking a NATO member?” Phineas Fisher told me in an email, referring to VICELAND’s new documentary series on hacking and cybersecurity, which this week featured an exclusive interview with the hacker.

Phineas Fisher explained in his message that he attacked AKP “because I support the society people are trying to build in Rojava and Bakur, and they're being attacked by Turkey,” referring to two Kurdish anti-capitalist autonomous regions, which are located between Turkey and Syria. ”I don't see leaking as an end in itself, so I was talking with people in Rojava and Bakur to see how best to use the access I'd gotten.”

”I don't see leaking as an end in itself, so I was talking with people in Rojava and Bakur to see how best to use the access I'd gotten.”

Earlier this year, the hacker claimed to have robbed a bank in a cyber heist and sent 10,000 euros in bitcoin to the Rojava Plan, an organization that promotes “gender liberation, direct democracy, and a free and ecological society” in Rojava.

The hacker hinted that there was some sort of miscommunication when WikiLeaks received the files, and the organization jumped the gun in publishing them.

“To be fair to WikiLeaks, they didn't know I was still in AKP's network downloading files at the time they announced they were publishing,” Phineas Fisher wrote in his message. “But they did know that the source who had given them the file was asking them to wait.”

WikiLeaks did not immediately respond to a request for comment. And Phineas Fisher declined to answer more questions regarding the hack.

The leak is being hosted also by the independent security researcher Thomas White, also known as TheCthulhu.

After the publication of the emails recently, Turkey reacted by blocking WikiLeaks. How they’ll react to this new, apparently more extensive leak, remains to be seen.

Motheboard

 

 

« Deep Mystery: Looking For MH370
DDoS Attacks Shuts Down Pro-ISIS Websites »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

BaseN

BaseN

BaseN is a full stack IoT Operator. We control the full value chain in order to provide ultimate scalability, fault tolerance and security to our customers.

National Cybersecurity Student Association (NCSA) - USA

National Cybersecurity Student Association (NCSA) - USA

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

Knovos

Knovos

Knovos is a leading technology innovator developing solutions for automating, integrating, and innovating Information Governance.

Titan Labs

Titan Labs

Titan Labs is a Cyber Security Consultancy that provides advice and technical expertise to government, international finance and telecommunications providers.

NAK Consulting Services

NAK Consulting Services

NAK is helping organisations to create Secure, Agile IT Environments. Our goal is to be the trusted advisor and managed service partner for our clients.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

Dapple Security

Dapple Security

Dapple Security is creating cutting edge technology utilizing responsible biometrics that protects people and privacy through a first-of-its-kind passwordless platform.

QANplatform

QANplatform

QANplatform is a Quantum-resistant hybrid blockchain platform.

GAM Tech

GAM Tech

GAM Tech is a Managed IT Service Provider that serves small and medium sized businesses in Alberta, British Columbia, Ontario and Quebec.

TeamSystem

TeamSystem

TeamSystem is a leading tech company in the market for digital business management solutions for companies and professionals.

ColCERT

ColCERT

ColCERT is the national cybersecurity emergency response team of Colombia.

Styx Intelligence

Styx Intelligence

Styx Intelligence’s platform provides visibility and supports remediation against threats targeting your digital assets.