Screenshot of AnonSec’s Deface

AnonSec, the mysterious Kurdish Peshmerga-supporting hacker crew which has become the bane of Indonesian government webmasters (among others), and who claim to have hacked an NSA drone, has a new target.

Tiny Turkish ecommerce sites.

In a list posted to Facebook two hours ago (and confirmed by your loyal journalist, at the cost of a hundred virus warnings, thanks Avast) they claimed responsibility for defacing 48 small and possibly inactive mostly Turkish shop sites. All of the sites are from the .tk Turkish top level domain except:

freepakistanclassified.com/index.php, advertisewith.us/index.php, technologybloq.com/index.php, betterplaces.net/index.php, bestcanadianblogs.com/index.php, discovermagazine.cf/index.php, db-optimum.com/index.php, bestcomputershop.ga/index.php, amazonshop.cf/index.php, websterguru.com/index.php, and informationblog.ga/index.php.

The  sites seem to have been picked more or less at random, by simply searching for ShopX.tk where X was a variable word. The list includes everything from ShopWeed to ShopChurch. None of the sites had any Googlerank worth mentioning, so it seems to have been a case of going after low-hanging fruit. Abandoned, disused, or improperly maintained websites are clusters of vulnerabilities which make it easy for a simple attack to deface them.  It’s not unusual for hackers to have a list of vulnerable websites saved up for special occasions and when the day hits, BANG!

There is no evidence that the databases of the sites have been breached: the sites have simply been defaced with a menacing, gloomy greyed-out Anonymous logo and some congruently depressing music.

And why Turkey?

Given the state of affairs on the Turkish/Syrian border, it’s hard to know anything for certain but yesterday’s fall to ISIS of Kobani, a key Syrian town near the Turkish border, has heartened ISIS supporters and dismayed Western sympathizers including non-ISIS Syrian Free Army. Peshmerga fighters from Kurdistan had been doing their best to hold it, but were pushed back amid heavy fighting and calls for greater support. A demonstration of Turkish weakness taunts Turkish president Erdogan, who has publicly called for support of the SFA and refused to get involved.

“We asked for three things: One, for a no-fly zone to be created; Two, for a secure zone parallel to the region to be declared; and for the moderate opposition in Syria and Iraq to be trained and equipped,” he told Syrian refugees yesterday.

This gloomy quote from the New York Times might hold the key to the Turkish AnonSec hack:

While Turkish troops watched the fighting in Kobani through a chicken-wire fence, Turkey’s president, Recep Tayyip Erdogan, said that the town was about to fall and Kurdish fighters warned of an impending blood bath if they were not reinforced — fears the United States shares.

But Mr. Erdogan said Tuesday that Turkey would not get more deeply involved in the conflict with the Islamic State unless the United States agreed to give greater support to rebels trying to unseat the Syrian president, Bashar al-Assad.

In other words: Turkey literally stood by and watched the Kurdish Peshmerga do the fighting, while blaming the US. This cannot have sat well with the Peshmerga hacking crew AnonSec. The government border guards have also prevented Kurdish fighters from taking their cars across the border in either direction. A 40-year-old Kurdish fighter with two sons on the front line in Kobani told the Independent, “It’s evil not to help us – ISIS and the whole world are evil. Maybe if we started cutting people’s heads off the world would give us weapons.”

The implications in the cyberwar field are serious: AnonSec is not to be trifled with, but Turkey is also a bastion of heavy-duty hackers; they, however, are generally no more pleased with Erdogan (whom they have christened “Erdofag”) than the Kurds. Should the two groups unite, the only certainty would be that I’d rather be anyone other than Recep Tayyip Erdogan.

Even Barack Obama.

Categories: AnonSec, Anonymous, Breaking, Crews, Cyberwar, Defaces, Hackers, ISIS, News, Peshmerga, Security, Syria, Turkey