Hack the Turkmenet!
Media and Internet, Photoblog, Turkmenistan12 Comments
Editor’s note: The Turkmenet may be very small and very young, but it’s certainly developing at a remarkable rate, and not always in ways that can be clearly said to be good or bad. neweurasia’s Annasoltan explores the rise of hacking in this new space and its particularly Turkmen flavor. [The images above are proxy instructions for a Symbian-enabled smartphone from a Turkmen social site. Sensitive information has been removed from them for security reasons.]
Despite the Internet having so little penetration in Turkmenistan – somewhere in the vicinity of 1.6% of the population or 80,400 users according to the World Bank and United Nation’s International Telecommunication Union (ITU) – already it’s exhibiting many of the hallmarks of a much more mature cyberscape, right down to hackers.
The cyber-attack against the Chronicles of Turkmenistan this past summer, not to mention the related e-mail sent to neweurasia, was quite an eye-opener on the Turkmenet’s rapidly increasing capacities for digital misbehavior (although Schwartz suspects that the hacker from that incident, “0fx0”, was a hired gun). Since then, there have been cyber-attacks against the personal accounts of several prominent Turkmen journalists and human rights activists, including against a close friend of mine.
However, far less dramatic has been the emergence of more “mundane” — but no less dangerous — forms of hacking.
Not long ago, there appeared a scoundrel on Turkmen social sites who seemed very adept at exploiting the peculiar policy and experiential conditions of the Turkmenet for some nasty personal – and perhaps political – gain. To begin with, he created a fake version of the former Teswirler.com site. To more experienced Internet users, this proved to be a classic phishing scam, i.e., a way to obtain the login and password data of visitors, but sadly, many Turkmenetizens, unaware of even the phrase “phishing”, fell victim to it.
In another post in Ertir.com, this same hacker employed another thinly-veiled phishing scam, this time around exploiting the fact that many external social networks like Facebook are banned or otherwise very difficult to access from within Turkmenistan:
”On behalf of TmDesign Group, we intend to open a new social site. As you know, Mail.ru agent in Turkmenistan has begun to show various failures and spams. We aim to open a site that would substitute Mail.ru [as well as] Facebook, Odnoklassniki and other social sites. We are collecting people for testing the site. Since work has not been finished, you could tell us our mistakes. You can connect with us through Facebook. If you have no Facebook membership, you can access us via XXXXXXXX. The URL address of our site is XXXXXXXXXX.”
And even earlier, this hacker launched what seemed suspiciously like an intelligence campaign against Turkemenet-based malcontents, real and potential:
“Hi, how are you? I just joined and hope to befriend myself with you. The reason I came is by no means coincidental. As you all know there was a shooting incident in Ashgabat between two men and the Turkmen authorities. They said that one of the men had died and the other was arrested. This is a lie! He was not arrested. If you want to see under what conditions Arslan has been hidden from the people [i.e., of Turkmenistan], check out the pictures that I have collected for you. I don’t want to violate the rules of this site by showing these photos here. I prepared a slide show; if you want to download it, the address is XXXXXXXXXXXXXX Share this link if you want to know what this government has done.”
Alas, over 500 Turkmenetizens took the bait and ended up downloading a virus file that overloaded computers with a flood of programs opening rapidly one after the other.
These incidents have made the Turkmenet a jittery place. One social site user recently put it very well:
“Imagine what harm an attack from a highly skilled programmer can inflict. It’s easy for a government to order somebody to do it for some money without taking any responsibility.”
The Turkmenet is by no means a “normal” corner of the Internet because of the unique conditions being imposed upon it from the offline world. The simple fact that there are no laws in Turkmenistan protecting IT user rights makes Turkmenetizens vulnerable for such attacks, and many website designers and managers simply lack the security skills to ward them off.
More existentially, though, the Turkmenet operates under constant fear of spying, and very rapidly there is growing awareness that the very tools which could possibly enlighten or even liberate our society might also be used to inflict terror and control over us, as well. For instance, the police can obtain the list that includes the names of people with Internet access. The authorities use IP tracking to locate Turkmen citizens abroad, and there are rumors that the authorities are collecting information from Facebook to spy on those of their citizenry who have managed to get onto the social network.
The eyes really are watching: recently, two third semester students were evicted from the Transportation Institute because of critical remarks they wrote in a Turkmen language chat forum.
However, not all hackers on the Turkmenet have bad intentions. I’ve seen users distinguish between “white” and “black” hackers, with the former trying to bypass the government’s heavy censorship on the Internet and who are ready to share their methods and tools for free with their fellow Internet users. Among these has been a hacked version of the mobile browser Opera Mini 6.0 adapted to Turkmenet conditions and nicknamed “Turkmen Opera”. It has in-built proxying, so the amateur Turkmenetizen doesn’t need to be a coder in order to use it. Similarly, there’s now a hacked Turkmen version of Mail.ru.
It’s an exciting time to be on the Turkmenet, as inspiring as it is frightening.