Opens profile photo
Follow
hakan
@hatr
researching and writing on state-sponsored hacking groups , sometimes osint, sometimes python
Joined June 2009

hakan’s Tweets

It’s the weekend — you all have time to read this fascinating investigation now!
Quote Tweet
Re-upping this for the pretty big "ok, I want to read a story on cyberespionage and attribution that has some cool graphics and walks me through the findings in a clever wayi"-crowd on this bird site twitter.com/hatr/status/14…
1

Topics to follow

Sign up to get Tweets about the Topics you follow in your Home timeline.

Carousel

Re-upping this for the pretty big "ok, I want to read a story on cyberespionage and attribution that has some cool graphics and walks me through the findings in a clever wayi"-crowd on this bird site
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
13
32
Leaving Moscow after 5 d of intense conversations. Early in the week most people were hopeful about signs of deescalation. Moderates thought Kremlin was calming down. Hawks believed RU would get what it wants merely by mil posturing. This changed in past 2 days.
22
383
1,072
Show this thread
"Russia don't touch Ukraine!" 6 people unfurled banners against invasion in downtown Moscow. Waiting police immediately arrested them
Embedded video
0:08
1.4M views
707
6,330
13.1K
Re-upping this for the pretty big "ok, I want to read a story on cyberespionage and attribution that has some cool graphics and walks me through the findings in a clever wayi"-crowd on this bird site
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
13
32
Interesting 🧵. This seems to be an internal Rosgvardiya letter. FSB states all power ministry personnel (esp military) need to stay off their cell phones. States carelessness led to intelligence intercepts & to "disclosure of leadership intentions" in foreign media.
Quote Tweet
Пару дней назад нам слили якобы письмо одного из командующих Росгвардией, в котором тот со ссылкой на ФСБ говорит что «небрежное обращение с секретной информацией со стороны сотрудников силовых ведомств (особенно МО) привело к утечке планов руководства РФ в западные СМИ» 1/7
Show this thread
Image
3
38
70
Great story on a formidable hacking organization with ties to the FSB.
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
1
5
Pokémon meets Exploding Kittens: Impressive investigative research on Russian hacker group Turla and extremely cool visual storytelling by a team of reporters from German public broadcasters BR and WDR.
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
1
3
4
Finally done with this. So much to say/think about. For now, I‘ll just say that this podcast, on many levels, re-invented/expanded the way I thought storytelling can be done. Highly recommend it
Quote Tweet
i'm midway through episode 6 of this trojan horse affair podcast. it is so very good up until now. The rage in ep 5 tells you so much about underprivileged/overlooked people suddenly having a chance to do meaningful work and how that can lead them to overdo it/make mistakes
2
20
“As of this moment I’m convinced he [Putin] has made the decision,” to invade Ukraine, Biden says in response to a reporter’s question. “We have reason to believe that.” Asked why he thinks that: “We have a significant intelligence capability.”
16
155
473
Show this thread
Head of the LNR posted a video about evacuation on the state news outlet, but the metadata shows that the file was created two days ago (Telegram retains metadata). Testing some other videos on the channel to see other creation dates, will post below.
Quote Tweet
📢Згідно із метаданими відео про "евакуацію" з очільником окупаційної адміністрації РФ на окупованій частині Луганщини Пасічником, його було записано щонайменше за 2 доби до публікації, 16.02.2022. Тобто ще до того, як за версією РФ "Україна почала атаку"
Image
Image
71
2,003
2,868
Show this thread
This shows how far OSINT can get you, and it's pretty impressive
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
3
69
297
If Sandworm has been Russia's most fascinating cyberattack group, Turla has been the equivalent for cyberespionage: Satellite CNC links, USB-based malware, hijacking Iranian hackers to look over their shoulders. Here et al finally show evidence of their affiliation: the FSB
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
43
110
You Like Thrillers? With good animation? And Cyber? You should read the latest piece of and others focusing on FSB hackers.
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
1
3
5
Show this thread
Wow, this is marvelous reporting! Fun to read, exciting, well researched and visually appealing! It shows how individual puzzle pieces can lead to #attributionof #cyber incidents. Well done ! #turla
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
3
11
hallo, wdr und br haben hier eine verdammt spannende recherche veröffentlicht:
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
2
2
Extraordinary sleuthing here by some of Germany’s most dogged and creative investigative reporters
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
1
15
60
As usual & team excel in not only providing excellent information, but also managing to convey it visually and easily digestible.
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
3
6
This is fantastic reporting and a really great case study of OSINT supporting CTI.
Quote Tweet
New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. interaktiv.br.de/elite-hacker-f
Show this thread
Image
9
35
We have also seen non-public intel reports produced by Crowdstrike and BAE Systems. They've been tracking Turla for years, obviously. The many findings described in their reports serve as additiional, and crucial, corroboration.
1
7
90
Show this thread
We have no indication that the suspected developers are still working with Turla. Which is one of many reasons why we chose not to name them. We stick to their developer handles left in the malware. The illustrations are based on real images, but have been altered.
Image
4
8
86
Show this thread