Thursday, March 11, 2010
Hacker sites and foreign press are picking up the story today of the arrest of at least 23 hackers in 13 different provinces in Turkey. The news was first seen in Russian on 09MAR2010, but is now spreading into the English speaking press, with more details available.
News.AZ ran the story 23 Kurdish hackers arrested in Turkey, which provides some basic facts that the hackers are associated with the Kurdistan Workers' Party, or PKK, and were taken to Diyarbakır for further questioning. This article calls the hacker team the "Cold Attack Team", and says that it took orders from leaders in Kandil in Iraq and in Europe regarding what websites to hack and what messages to place there. It also mentions that the hackers distributed a PowerPoint attachment via email which would trojan the readers computer.
It is unknown if this story is related to news first released in February about another PKK hacker. A story in Today's Zaman provides a bit more depth, PKK hacker faces up to 10 years in prison, identifying the leader of a PKK hacker group as having been apprehended on November 14th, and charged with "acquiring state secrets and confidential documents on behalf of the PKK terrorist organization". The indictment unveiled by a Diyarbakır prosecutor reveals that the hacker, who they call by his initials, R.Ç., had classified documents on his computer belonging to Turkey's National Intelligence Organization, the Milli Istihbarat Teskilati (MİT), and evidence that the hacker had an "online friendship" with Murat Karayılan, who leads the PKK in northern Iraq. R.Ç. claims he was introduced to Murat by a friend in France, and that they gained the classified documents through "computer virus programs he placed on pornographic Web sites visited by army members."
Mr. WaGrAnT is probably a member of the group - a YouTube tribute to his hacks, posted by "KurdishKANGAL58" back in August shows many examples of his works, under the title: Cold Hackers Kυrdish Hαcкєяѕ Gяσυρ 2σσ9, but there are actually many other Kurdish hacker tributes, including this one that gives you a nice exposure to Kurdish rap music: Kurdish Hacker " Mr.WaGRaNt " Dünyaya Karsi.
COLDHACKERS VE THT YANI TOLHILDAN HACK TEAM UNLU KURD HACK GRUBU TURKLERIN SANAL KABUSU is one of many other sites, which actually shows the group name "ColdHackers" where they call themselves "Cyber Median's Guerillas".
Zone-H statistics for the ColdHackers gives them credit for 2,661 website defacements on 1,230 unique computers, including 3 hacks in the past 48 hours.
(click image to visit Zone-H)
The team's website, ColdHackers.team-forum.net is still live as of this writing. Members share their PKK pride with avatars such as this one:
Someone on the team also maintains their "cold-hackers.spaces.live.com" website at Microsoft -- which has this example of their photoshop abilities. Famous hackers need a good PhotoShop team!
This image is from their defacement in December of a Turkish government website:
Posted by Gary Warner, UAB / PhishMe at 6:45 AM