Türk Hack Team Warns Swedish Authorities Of Coming Cyber Attacks.

A message was intercepted on a Telegram channel belonging to a group of Turkish hackers, discussing a potential cyber attack on Swedish Riksbanken.

One of its members using the alias Ghost Killer have been posting some tweets claiming to be behind some attacks on banks and Swedens only and most important online service BankID, which is not a bank by the way, it is an E-ID service.

With BankID, Swedes sign agreements, loan documents and their declaration online at the Tax Agency site. They identify themselves to be able to pay securely on the internet, log in to the Social Insurance Agency, or collect parcels from the post office.

It was required to have BankID in order to get a Corona Passport during the pandemic, which naturally worked very well for all the elderly and those that don't run Windows.

"Your BankID can be equated with a passport or other ID", is what they claim on their site.

The message this hacker group is trying to send to the Swedish government is to stop "Rasmus Paludan" from burning their bible ( The Quran ) .

Besides this, hanging a doll infront of Stockholm City Hall that looks like the Turkish president Erdogan, didn't help much either.

A photo of the doll can be viewed here.

Note: This page is always under update !!!

Sites that Ghost Killer claims their team have taken down are:

• swedbank.se - A bank.
• bankhotel.se - A hotel site.
• bankid.com - Not a bank.
• tech.sverigesradio.se ( a subdomain ) the main site is up.
• ikanobank.se - posted by another user: Maximus
• skype.se - posted by another user:MrInsane
• nakkurakkans.se - posted by another user:MrInsane
• goggle.se - posted by another user:MrInsane
• kalmarolandairport.se - posted by another user:MrInsane
• Stockholm University - Database dumped with 1,000 Swedish University of Stockholm staff, faculty, and student information. Jan 31-2023.

On that note, professional hackers use Linux, Kali Linux, Parrot OS or BlackArch, but basically almost any distribution will work.

However the first screenshots posted on Twitter are from a Windows10 computer, so I can see why Pontus Jonsson, professor of network and systems engineering at KTH, do not see this as an actual threat. Read more here.

Update January 30th:

Another member of Turk Hack Team Anka Team "LichtTHT" claims to have hacked some database containing 1,100,000 Swedish citizens personal data. However, the screenshot provided is unreadable and since there is no Pastebin dump or readable source, it is impossible to confirm this is true.

The same user also claims to have hacked some Danish database containing 640,000 Danish citizens data. This is also impossible to confirm at the moment.

The group also seems to be switching their attacks between Sweden and Denmark.

Türk Hack Team releases Swedish citizens data:

The Turkish hacking group has posted two separate rar-files for download via their hacking forum.

Both files are password protected.

• Part one is 36,62MB
• Part two contains the E-mails: 7,27MB

Details of the leak:

• 309K Sweden Data.txt: E-mails complete with passwords: Additional 309,511 Size: 10,6MB Part1
• 50K Sweden Data.txt: Full names with phonenumbers: 50,014 ( Cellphone ) Size: 2,4MB Part1
• 673K Sweden Mail List.txt: E-mails complete with passwords: 673,361 - many Yahoo.se Size: 20,6MB Part2
• Sweden Phone Number.txt - 2,500 cellphone numbers. Nothing else ! Part1
• Swedish Citizenship İnformation.txt: 1,092140 Full name, address, phone numbers, a few e-mails and company names. No SSN ( Personnr ) RG or CPF.
• Some pdfs included from 2008-2009 and all are publicly available for download.
• Some pdfs are not at all related to Sweden, but were included from US and the UK. Makes no sense why they included this.

Conclusion:

All in this "leak", with the exception of the E-mails and passwords are public information. The e-mails are likely coming from a site data breach or a Pastebin leak. I ran 45 of these emails through several databases and found out that some doesn't even belong to Swedes. There are Americans, Germans, Russian, just saying. None of the first 45 rows of emails were listed in HaveIBeenPwned. One of the email accounts is on a list of accounts that are being sold online and one no longer exists, but the GoDaddy domain is for sale. *.governia[com].

Some of this information might be useful for anyone wanting to target Swedes, but they will need to go though all LISTED email accounts and phone numbers and verify them one by one, which means OSINT.

Türk Team Temporarily Wins As Swedish Police bends a knee:

What the Türk Team has accomplished is to scare the shit out of the Swedish Police Force and Nazi politicians, so there will be no more burnings on the "The Quran", however should NATO really let active Nazis "Swedes" be a part of their NATO alliance ? Have they forgot everything about WW2 and how Sweden helped the Nazis.

UPDATE: February 9th, burning of the Quaran isn't illegal in Sweden.

The Swedish police, who denied a new request to burn the Quaran infront of the Turkish embassy by some unknown group, apparantly doesn't have any legal support in denying this new planned burning of ( The Quran ) . The group have appealed the police decision to the administrative court for a ruling in the matter.

UPDATE: February 16th, burning of the Quaran infront of Iraqs Embassy.

The Swedish police have refused to give permission for another Quaran burning, this time it was planned to take place outside the Iraqi embassy in Stockholm, reports SVT Nyheter. Believe it or not but the man planning the burning of the Quaran is an Iraqi citizen. Now isn't that something....

Finland joins in on attacking Erdogan:

Also, it seems Türk Team did not notice, that Finland did the same as the Swedes. Read more here. Use Google Translator if you don't know Finnish.

But, the hackers have been going after Swedish targets that doesn't matter much and all they have been able to do is create a minor disruption in some services.

You don't know where to hit them, so give it a rest:

To hit them where it really hurts you need to know how their systems are connected, what software is being used, like for example did you know the Police uses JBoss, bet you did not know this, and what other services they are connected to and how to intercept them, what passes through these systems and which systems, what cryptography they use and where to get access to the citizens SSN ( Personr ) of Swedish citizens, "besides" Skatteverket, which in reality Türk Team you don't have access to.

A real hacker does his homework, plans a head and then strikes....