Turkish hacker groups focus cyberattacks on Dutch websites, incl. NL Times

Turkish hacker groups targeted a large number of Dutch websites after the political fallout between the Netherlands and Turkey over the weekend. The NL Times website was also targeted.

NL Times was the victim of at least two DDoS attacks on Sunday and Monday, in an attempt to take the site offline, according to a Turkish-language Facebook group linked to cyber-attackers. In a DDoS attack, a large amount of traffic is sent to specific servers, causing them to crash.

Website Rumag was hacked on Monday, according to NU.nl. Pro-Turkish and anti-European texts with a photo of Turkish president Recep Tayyip Erdogan were posted on the site. After the Turkish text a message was displayed in English. It read: "Hey Europe, you often talk about democracy, human rights and freedom. But your fear of 'Great Turkey' shows your colonialist, racist and fascist crusade mentality and shows your true face." The message is signed by hacking group Cyber-Warrior Akincilar.

A large number of websites hosted by Versio were also hacked into. On some sites messages were left signed by several members of Privatehackers.com. On the forum of this Turkish language website, multiple topics were opened since the increased tensions between the Netherlands and Turkey. In these topics claims are made that between 95 and 1,500 Dutch websites were hacked.

Some of the websites were taken over and messages were left. One read: "You Dutch think we will do nothing, but you are wrong. We will never forget what you have done to us.", according to NU.nl. While no direct reference is made to the diplomatic row between the Netherlands and Turkey, the message does seem to refer to it. 

Versio confirmed that there was indeed a hack, but could not yet confirm where it came from. On the Versio forum director Reshad Bashir announced that charges were pressed with the police and that "because of the sensitivity of the issue" he can not say more about the circumstances of the hack. He did say that two servers were hacked and that no user data or passwords were stolen. The affected websites have been restored and additional measures were taken to prevent something like this happening again.