Gun-for-hire Turkish hacker group increases attacks on prominent figures

A notorious Turkish hacker group called RedHack has been attacking e-mails of prominent figures and threatens to publish unless their demands are met, including attempts to mobilize the people against the government

A Turkish hacker group called RedHack has recently made its name again by launching attacks against the e-mails of prominent figures, including ministers.

The hacker group became famous in 2013 when the Gezi Park protests took place. In order to protest the government’s stance during the events, the group hacked the websites of the presidency, Istanbul police department, Istanbul governorate and Ankara municipality. The group had said at the time that the hacking of the websites of state institutions would continue.

“RedHack has been trying to instigate the youth to take to the streets and create chaos by supposedly exposing corruption,” Yusuf Özhan, ESMEDYA digital group editor-in-chief, told Daily Sabah.

The group had recently attacked the e-mails of Energy and Natural Resources Minister Berat Albayrak and threaten to expose them.

“RedHack works with contracts. It seems that they got this job from certain circles and hacked into the minister’s emails,” Çetin Kaya Koç, professor of cryptology from the University of California at Santa Barbara, and an expert in cyber physical security, told Daily Sabah. He added that hackers within the group do not communicate with each other a lot, working in disguise.

Hector Xavier Monsegur, also known as Sabu, was a hacktivist when he was caught by the FBI in June 2011 and was given the choice to collaborate in taking down the network of other hacktivists. He began his tenure at the FBI as an informant. Later on, Sabu proved to be an efficient asset for the FBI by playing a key role in the arrest of Jeremy Hammond, a wanted hacker working for Anonymous at the time.

Sabu recruited other hackers and carried out attacks on Turkish government websites in 2011 and 2012. AntiSec, Sabu’s hacktivist group, became close with a group of Turkish hackers at RedHack, and launched attacks on the aforementioned websites. RedHack hackers sent special thanks to AntiSec on the pages of websites that they hacked. The two groups cooperated in taking down Turkish government websites at the time.

A 2014 Daily Dot report based on the court reports and chat logs said Monsegur directed Hammond to hack hundreds of websites outside the United States, including Turkish government website servers. Monsegur contacted a member of RedHack in a chatroom on Jan. 25, 2012, and Hammond passed on the unauthorized access to these servers to RedHack.

Monsegur also previously told Daily Sabah that he helped RedHack because they asked him to.

Koç drew attention to the possible collaboration with RedHack and the Gülenist Terror Group (FETÖ). The group might have got the job from FETÖ, he contended. “It is for sure that Erdoğan will not be released,” Koç predicted. However, he asserted that the copies of emails will not have any impact on the public.

Recalling the link between Sabu and RedHack, Özhan said the group might still have ties to the FBI, he cannot be sure.

Koç explained that he was also attacked during the Gezi Park protests when he criticized the hacker group for hacking into state institutions’ websites that are useful to people.

Commenting on how ministers and other top diplomats can protect their accounts and email addresses from such hacking activities, Koç said they should use long passwords and two-factor authentication methods


. . . . . . . .

Leave a Reply