Today I have the pleasure to interview Jonturk 75 one of the hackers that hit high profile targets, including the notorious hacker group OurMine.
Jonturk 75 and the hacker group he takes part in have recently made the headlines news with a series of attacks against high profile targets. Following CNN and Reuters hacks they’ve recently defaced the website of the popular hacker group OurMine.
How did you start your hacking operations?
I’ve started almost 10 years ago. We now act as a group called JRB and have been working together for a long time now.
What is the main motivation behind your attacks?
Our group is composed of 3 people and none of us has a daytime job in IT. These attacks and hacking targets is a way to escape our daily routine. We can say hacking is our hobby.
How do you choose your targets?
We don’t have a set selection procedure for targets. CNN, Reuters and OurMine have been chosen as a way to entertain ourselves. We usually select targets we find interesting such as hosting companies, popular brands and artists.
Do you only perform defacement attacks? or do you also exfiltrate data?
We are specialised in defacement attacks however we do exfiltrate data we think might be useful or be interested at a later time.
How do you approach your targets?
We are very detailed oriented and try to conduct a detailed analysis of the target. We gather information on the website, server and even the hosting providing company. The information gathering phase can take hours and even days.
What are your preferred attack tools? What are the tools you think hackers should have in their arsenal?
We try to limit the use of automated tools as much as we can. Due to their versatility and ease of use, we would say NMAP, BurpSuite, Hydra Metasploit, and SQLMap.
What was your most challenging target?
We enjoy more difficult targets. In one of the targets, we’ve collected the user credentials for the hosting provider of the target, however, changing the DNS records required us to fake a signed and stamped fax application. After deeper analysis, we’ve discovered a vulnerability in the Network Information Center (NIC) of the country which has allowed to gain control of many websites belonging to that country extension.
How do you see large scale attacks such as Wannacry?
Wannacry has had huge financial and technical impact. If we put aside this negative impact we can say that it has contributed in a positive way on the perception and importance given to information security both at the country and corporate levels.
Written by: Alper Başaran
Alper Basaran provides business process focused and goal oriented penetration testing services to his customers. Based in Turkey he has expanded his operations to the Middle East.
(Security Affairs – Hacker, Jonturk 75)