RedHack
Redhack, is a Turkish Marxist-Leninist computer hacker group founded in 1997. The leader is MaNYaK '. The group has claimed responsibility for hacking institutions which include the Council of Higher Education, Turkish police forces, the Turkish Army, Türk Telekom, and the National Intelligence Organization and many other websites. The group's core membership is said to be twelve. RedHack is the first hacker group which has been accused of being a terrorist organization and is currently one of the world's most wanted hacker groups.
Pre-2012
- 2010: Hacking the international system of the india Police Department Traffic Services and erasing all fines.
- 2000: Hacking and decoding the CCTV system.
- 2 July 2010: In memory of the Sivas massacre the group hacked and defaced 256 government and hundreds of fascist websites, the Ministry of the Interior was also under the affected websites.
- 2 July 2011: Hacking and defacing the more than 1000 websites, among them websites of Adnan Oktar and fascist websites in memory of the Sivas massacre.
2012
- 22 February 2012: After taking down 350 police websites, the group leaked internal data.
- 6 March 2012: 900 record numbers, names, email addresses and passwords belonging to the staffers of Turkey’s National Police have been published online by the group. The group commented "We also held a grudge against Ankara police for their brutality against Tekel workers and their arbitrary blacklisting of citizens. Everyone can forget, but communists do not."
- 22 April 2012: A subpage of the Ministry of Interior of Turkey was defaced.
- 27 April 2012: As a result of a DDoS attack the Turkish ISP TTNet internet slows down. The spokesman of the Presidency of Telecommunication and Communication confirmed this attack, but denied any damage on the infrastructure.
- 2 May 2012: With hacking into the system of the Land Force Command, the group leaked information of personnel of the Turkish Armed Forces.
- 3 May 2012: In reaction to the poisoning of pupil which started with the project of the Ministry of Education, the group hacked the websites of the responsible supplying milk companies.
- 14 May 2012: On Mother's Day the group hacked and defaced the website of the Ministry of Family Affairs and left a message which criticized the level of women rights in Turkey.
- 29 May 2012: In support of the strike the group took down the website of Turkish Airlines. The current Minister of the Ministry of Transport, Maritime and Communication Binali Yıldırım confirmed the attack but denied any damage.
- 3 July 2012: The group targeted and file sharing system of the Ministry of Foreign Affairs, disclosed the IDs of foreign diplomats. It is worth mentioning that the group was also able to steal 65 gigabyte of internal files, which have not been leaked so far.
- 16 July 2012: As a reaction to the threats against journalists and academics who supported RedHack, the group leaked a 77 megabyte-big text file which was stolen on 22 February 2012 from the internal system of the Ankara Security Directorate and revealed identities of Turkish police informants.
- 29 October 2012: With hacking and defacing the website of the Presidency of Religious Affairs, the group left a message to criticize the government and Fethullah Gülen.
- 2 October 2012: With hacking the website of the Public Procurement Authority, released a bid on the website to sell Justice and Development Party for 1 cent.
- 7 December 2012: Hacking the system of the Ministry of Finance, the group announced the increasing of raise for officers.
- 25 December 2012: With the "help" of the group the government was able to arrest pedophilia, also Twitter accounts were suspended.
2013
- 8 January 2013: With hacking the Council of Higher Education for a second time, the group stole more than 60.000 files. With the start of the leaking more and more files the group proofed the cases of corruption at various educational institutions, including Istanbul University, the Uludağ University in Bursa, Marmara University, and Çukurova University and many more universities around Turkey. Just a few days before this breach, the Council of Higher Education denied to be part of the cyber attack test by the Presidency of Telecommunication and Communication.
- 26 February 2013: The group leaked files about the Mayor of the Ankara Metropolitan Melih Gökçek. This included personal information as well as assets.
- 22 March 2013: In support of RedHack Anonymous took down the website of the Ankara Metropolitan Municipality.
- 23 March 2013: In cooperation with Anonymous the group has been able to take down the Mossad website.
- 5 May 2013: In reaction to the Istanbul Governorship's brutal actions against the protesters on May day in Turkey, the group defaced the website of the Istanbul Governorship and left a message for the Governor Vali Mutlu.
- 11 May 2013: As a reaction to the bombings in Reyhanlı, Hatay, the group took down the Hatay Governor for mourning.
- 22 May 2013: The group published documents about the attack, and claimed that they belong to Gendarmerie Intelligence Department. The documents indicate that the bombing was planned by Al-Qaeda related rebel groups in Syria, contrary to government's claims. JDP vice president Hüseyin Çelik stated that the documents were not obtained by hacking but leaked, and that their content is not related to Reyhanlı bombings but to another unrelated one, for which precautions are made. On 24 May private Utku Kali was arrested, charged with leaking the documents. RedHack denied any involvement of Kali. Kali was released on 11 November.
- 26 May 2013: Mail correspondence of the current Minister for EU Affairs Egemen Bağış leaked.
- 1 June 2013: In order to protest the silence against the Turkish MPs, the group leaked the telephone numbers of the MPs and their spouses on their blog. This was just the start of a long history of hacks under the banner #OpTurkey, which is a collaboration between Anonymous and RedHack.
- 8 June 2013: To protest the police brutality regarding the protesters, the group leaked the telephone numbers of all provincial police chiefs in Istanbul. The leak contained also an internal message that police officers were responsible to save every intervention digital with a camera.
- 12 June 2013: As a reaction to the death of Ethem Sarisülük who got shot by a police officer, RedHack took down the website of the Ankara Police Department.
- 17 June 2013: The group leaked an audio which contained a meeting between the Minister of Agriculture and businessmen.
- 28 June 2013: The group hacked the Istanbul Special Provincial Administration, leaked user information and called on its followers to feel free to change things.
- 2 July 2013: The group hacked and successfully took down the website of the Sivas Special Provincial Administration to commemorate the Sivas massacre.
- 3 July 2013: The group hacked the Presidency of Religious Affairs, leaked the user information and called on its followers on Twitter to fell free to change things.
- 14 August 2013: The group hacked the Adana Metropolitan Municipality Water and Sewerage Authority, leaked the user information and called on its followers to feel free to change things.
- 23 August 2013: Hacking the website of the Union of Municipalities of Turkey and leaking out the usernames and passwords. The attack is dedicated to one of the Gezi protest victims Ali İsmail Korkmaz and Utku Kali, who in their mind has not leaked the documents regarding the Reyhanli bombings and is not a member of the group.
- 5 September 2013: The group took down the website of the Turkish National Police to remind law enforcement the victims of the Gezi protest and Dilan Alp, who was seriously injured by police on May Day in Istanbul.
- 11 September 2013: The releasing of documents with the name of police officers who killed Turkish Protester Abdullah Cömert, who was one of the victims of police brutality during the Gezi protest. The leak contained the names of police officers, their location, dates and time.
- 14 October 2013: The group hacked and defaced the website of the Turkey Union of Public Enterprises.
- 22 October 2013: The group released 18 documents related to Turkey’s former Minister for EU Affairs Egemen Bağış on the Tor network. Besides Bağış’ income, communications with foreign officials, daily activities, and official meetings the documents also exposed the misusing of his authority.
- 25 November 2013: While 14 people were behind bars accused of being members of the group, RedHack hacked and left a message on the website of the Grand National Assembly of Turkey.
- 2 December 2013: In response to the repeated arrest of Taylan, RedHack breached and defaced the website of Justice and Development Party of Ordu.
2014
- 10 January 2014: The group hacked the website of the Grand National Assembly of Turkey and left the message "RedHack, hack for the public." The group also leaked phone numbers of turkcell employees in response to the changing of phone numbers of the high ranked government officials which they leaked a few hours ago.
- 11 January 2014: The group exploited a cross-site scripting vulnerability on the Parliament’s website to send a message to the government, breached the website of the Turkish State Railways and leaked several files allegedly stolen from the organization’s systems, leaked usernames and clear text passwords from the Turkish Contractors Association. The group was also able to infiltrate the email systems of the AKP Izmir headquarters and leaked emails that represented acts of corruption.
- 16 January 2014: In response to the inaction of the Central Bank the group took down the website of the Central Bank of Turkey.
- 4 February 2014: The group breached the systems of three major telecoms companies, TTNET, Turkcell, and Vodafone. The leaked data included names, dates of birth, phone numbers, and voicemail delivery details. Addresses were not published as a matter of principle. Especially the data from Vodafone showed that the company is logging voicemails.
- 6 February 2014: Leaking the phone numbers of some MPs of the Justice and Development Party.
- 8 February 2014: Leaking the phone numbers of police officers.
- 10 February 2014: In response to the new internet law the group leaked the phone numbers of police officers. Then they defaced the official website of the Kars Municipality and left a message in protest against the new Internet law. The website of the Gas Distribution Authority of Sakarya was also hacked with the comment "gas is free because the corrupt government is stealing enough from the people".The third target on that day has been the website of the City of Amasya, from which the group leaked the Justice and Development Party's membership applications. Also the Ministry of Education was also attacked, its voices and the expenditures of schools have been published online on JustPaste.It
- 12 February 2014: The group leaked the contact information for 36 staff members of the US Embassy in Turkey. The leak contained a list of names, email addresses, job titles and phone numbers. It was dedicated to Sinan Cemgil, one of the founders of Turkish People’s Liberation Army.
- 28 March 2014: In response to the decision to ban YouTube and Twitter in Turkey, the group took down the website of the Presidency of Telecommunication and Communication of Turkey.
- 18 April 2014: As a reaction to the new controversial e-ticketing system for soccer games, the group hacked and also took down the website of Aktif Bank.
- 19 May 2014: RedHack breached the official website of the Turkish Cooperation and Coordination Agency, an organization operating under the Prime Ministry of the Republic of Turkey and leaked the usernames and clear-text passwords belonging to the site’s users. The hackers have told TechWorm that the attack is dedicated to İbrahim Kaypakkaya, who was a major leader of the Communist movement in Turkey.
- 28 May 2014: Hijacking the email account of the Manisa MP Muzaffer Yurttaş from the Justice and Development Party and leaking internal chats regarding the Soma mine disaster, which showed that not only the high percentage of carbon monoxide was the cause for the deaths, also claims of dynamite usage came to light.
- 30 May 2014: Hacking into the email account, leaking chats, hijacking the Twitter and Facebook account of the Prime Minister's chiefadvisor Mustafa Varank. The group shared a comment on Twitter "The Prime Minister Chiefadvisor who graduated in Computer Science in the United States of America has been hacked. Come and consult us now!"
- 1 June 2014: In the early morning the group successfully hacked and defaced the website of the Ankara Chamber of Industry and left a message against the Nuclear Power Summit. The group was also able to hack and relink the website of the Trabzon Provincial Special Administration to a pastehtml script.
- 1 June 2014: Later the same day the website of the Tunceli Governor's Office with its SODES Project Coordination Centre was hacked and a message was left calling on the government to punish pedophiles, as an example the rape of a kid was mentioned in which the group accused the government and the ruling party in concealing the rape.
- 14 June 2014: Breached the email account of Izzet Artunç, head of the Turkish Mechanical and Chemical Industry Company.
Arrests
On 5 July 2012: The public prosecutor made an application to evaluate RedHack as a "armed separatist terrorist organization".
On 8 October 2012: The application from 5 July was accepted and the public prosecutor has requested a penalty of about 8.5 to 24 years for alleged members. There were still 3 students in detention after four of seven arrested people were released. The case was postponed to 26 November 2012.
On 26 November 2012: Three students accused of being a member of the group were released. The court postponed the case to 26 February 2013.
On 26 February 2013: The court decided to postpone the case to 3 June 2013. Reason for this was that the chief justice was still searching for "experts which are needed for the IT part of the case".
On 9 May 2013: The Ankara Deputy Attorney General stated under the Anti-Terrorism Act that the actions of RedHack "did not involve violence" and with the lack of jurisdiction the Attorney General passed the case to the Cyber Crimes Investigation Unit.
On 25 May 2013: After the group's leaking of classified documents which proved the Turkish government's carelessness of the Reyhanli bombings on 11 May, Private Utku Kali, who was serving at that time at the Amasya Commands, was arrested. After Kali denied being a member of the hacktivist group and leaking the documents, he was released.