How an insecure messaging app led to fall of a terrorist organization in Turkey?

MIT (the Turkish intelligence agency) hacked a single server of a messaging app in Lithuania in order to identify members of an Islamic terrorist group.

Amid the harsh political controversies that arose in Turkey with the recent coup attempt of July 15th [1], it seems that a cyberwar between MIT [2] (the Turkish National Intelligence Agency) and FETO [3] ended up revealing the names of all key members to the government authorities.

It all started with the release of a mobile messaging app called ByLock, which appeared to be a simple, ordinary messaging solution with offline mail and online voice calling capabilities, developed by a man named David Keynes from Oregon. Later, however, it emerged that no such person existed and that the app was the work of an illegal organization that wanted to move all of its daily communication underground.

Despite the “next generation of secure communication” slogan on the ByLock homepage (still live at https://bylockapp.wordpress.com/), months after its release the application drew the attention of MIT because of its popularity among FETO members. It was easily decompiled, and the analysis pointed to a server in Lithuania where all messages, passwords and IP addresses were stored in plaintext.

After the hack of the server in Lithuania, security experts downloaded nearly 3.5 million messages revealing ~53000 thousand people related to the illegal organization. The breach gave the Turkish authorities a big advantage in mid-2015 and after the failed coup attempt.

But this is not the end of the story. Recently, the head of the “Ministry of Science, Technology and Industry”, Faruk Ozlu, revealed that there were suspicions that ByLock was the product of secret members of FETO who were working at TUBITAK [4] (The Scientific And Technological Research Council Of Turkey). “Our investigations are still ongoing in TUBITAK and we are categorizing suspected people in 5 categories. We have taken away the jobs of those who are found within the 4th and 5th categories, but the others in 3 categories are being checked for evidence,” said Ozlu on September 9 to AA (Anatolian News Agency).

This news about TUBITAK reveals traces of another struggle, which resulted in the wiretaps leaked in 2013, containing Tayyip Erdogan’s conversations [5] on crypto-phones developed by TUBITAK, which were later denied and called ‘fake’ by the authorities.

References

[1] https://en.wikipedia.org/wiki/2016_Turkish_coup_d%27%C3%A9tat_attempt

[2] http://mit.gov.tr

[3] https://en.wikipedia.org/wiki/G%C3%BClen_movement

[4] http://tubitak.gov.tr/en

[5] http://www.ibtimes.com/are-erdogan-corruption-tapes-real-1558185

About the Author Harun Esur

Harun Esur is the founder of Sceptive, a security firm specializing in underground cyberwarfare and services for financial companies. Coding, hacking and protecting padawans in cyberworld since the invention of Commodore 64 and VICMODEM model 1600.

Edited by Pierluigi Paganini

(Security Affairs – terrorism, messaging app)