A hacker known as ROR[RG], a prominent member of the notorious “Hell”, has released a massive database belonging to the Turkey National Police. ROR[RG] isn’t a stranger to headlines, being the hacker behind the Adult Friend Friend breach, exposing the personal details of nearly 4 million users. Despite recent reports by the media, ROR[RG] isn’t associated with Anonymous in any way at all.
In order to better reach the public, ROR[RG] passed along the hacked data to “Cthulhu”, a privacy activist who is known to host hacked data, just recently he hosted the hacked data of a US police union. On the website, it is made known that “in light of various government abuses in the past few months” by Turkey, ROR[RG] “has decided to take action against corruption by releasing this.”
With Cthulhu now hosting the data, ROR[RG] uploaded it as well. He provided instructions on accessing the data in a “README” file on a server hosting the database among other things.
He explains that the data released comes in two parts, the first part being a 5GB disk image that can be mounted which can then be made use of with an executable that can be downloaded. ROR[RG] explains that “The data has been parsed for use with “Sorgu.exe” made by a “Turkey gang” which most members have been arrested. All there data is currently in the hands of HeLL.”
The second part would be considered the “main” part since it consists of MySQL backup files mostly in .myd, .myi and .frm file formats. The total size uncompressed is 22GB.
He then goes on describe how this data was accumulated.
“The data has been taken over the past 3-4 years while newer data has been taken
with the use of GovRat (Police_2015, Court, and Bank) starting from 2014 to 2015.”
The statement on Cthulhu’s mirror of the data appears to corroborate this claim. “The source has had persistent access to various parts of the Turkish government infrastructure for the past two years”
Additionally, he lists what data was actually obtained.
“The following data has been obtained in total:
Hospital 2014 (74 million people)
He then concludes with the promise that “more will come….”
Ever since Cthulhu’s mirror has gone up, there have been attempts to take it down. The people behind these attempts appear to be knowledgeable of very sophisticated methods that are known to be able to take down sites. The methods that they have used include but are not limited to, hit it with a DDOS attack, report it to the FBI, and threaten to kill the admin.
Cthulhu and his mirror at the time of writing are still fine.