14 DAY TRIAL // D35m0nd142, the German hacker known for identifying serious vulnerabilities on high-profile websites in an attempt to show the lack of security, has breached a couple of websites owned by the Turkish government.
The targets are the Turkey Contact Point website of the Ministry of Economy (tcp.gov.tr), and the one of the Central Finance and Contracts Unit (cfcu.gov.tr).
The hacker claims to have exploited a Blind SQL Injection vulnerability on the Ministry of Economy site to gain access to the details of over 96,000 user accounts. However, since D35m0nd142 considers himself to be a grey hat, he has only leaked around 912 email addresses and encrypted passwords.
From the Central Finance and Contracts Unit’s databases, the hacker has leaked 96 email addresses and encrypted passwords.
In addition to these sites, D35m0nd142 has also identified security holes in a Brazilian government website and in a Mazda Taiwan site. In both cases, user and administrator credentials have been published online.