DarkMarket: Cyberthieves, Cybercops and You


by Misha Glenny


  The country’s complicated political structure had assumed a new shape since the AK Party became the dominant force there in the elections of 2002. Given that more than 90 per cent of Turks were Muslim, the fact that an avowedly Islamic party had won a landslide victory was not in itself surprising. The AK Party insisted that its religious faith was subordinate to its commitment to democracy, much as many moderate conservative parties in Europe refer to themselves as Christian Democrats.

  But Turkey boasted another ideological tradition of immense power – Kemalism. Named after modern Turkey’s founder, Kemal Atatürk, its guiding principle proposed the complete separation of Church and state. The ubiquitous presence of Atatürk’s image in shops, homes, offices, barracks, hospitals and prisons reflected a deep reverence for his legacy of secularism among Turks (as well as a fear of arrest for non-compliance).

  Kemalism, however, comes in a variety of flavours. Its two most fervent supporters come from the secular middle-class elite: intellectuals, professionals and civil servants on the one hand, and the so-called Deep State on the other. Both view the AK Party, and each other, with suspicion.

  The Deep State is an appropriately sinister name for the military-industrial complex that acted as the ultimate arbiter of Turkish politics in the post-war period. As one of only two NATO members to share a border with the Soviet Union (the other was Norway), the country played a key role in the Cold War, and its allies, led by the US, were happy to turn a blind eye to the egregious abuses inflicted by the military on its own population.

  During its repeated interference in political life, Turkey’s security establishment sank its teeth deep into the country’s economy as well, until it was sometimes hard to distinguish between the predator and the prey. It protected this enmeshed and lucrative involvement by appealing to Kemalism: if it considered its business interests were threatened by the fragile democratic order, the military would intervene, claiming the need to protect the Atatürk heritage. By tradition, the armed forces let nothing or anybody stand in their way. To paraphrase an old Turkish saying, ‘Shake hands with the Deep State and it’ll rip your arm off.’

  But for the last fifteen years or so successive Turkish governments have instigated a series of reforms, partly in a bid to meet the membership criteria of the European Union. Notwithstanding fears that it has a hidden extremist Islamist agenda, the new rulers from the AK Party have pushed through some of the most liberal changes in Turkish society, such as the abolition of the death penalty. In another attempt to consolidate the primacy of the rule of law, the AK Party has been weaning the country’s regular police forces away from the military.

  This process has led to some remarkable and very positive changes. Parts of the civil service began to understand that their primary job was not to feather their own nests, but to provide services to ordinary people; and that an efficient Turkish state enhances its international influence and standing.

  But the slow birth of a new Turkey has not been a painless process, nor has the outcome ever been predictable. It has been accompanied by a titanic political struggle in which shifting alliances between opaque forces can prove deadly for anybody who, wittingly or unwittingly, comes between them.

  The main theatre of war between these forces was opened officially in 2007 with the launch of the so-called Ergenekon investigation. Ergenekon, which refers to an epic legend of ancient Turkic lore, was more recently the name of an alleged Deep State conspiracy, which saw leading military, intelligence and political figures collaborate with organised crime, journalists, lawyers and other professionals. Their supposed aim was to restrict the influence of democratically elected governments, in particular the AK Party. But according to prosecutors and pro-government media, the plot went further – the Ergenekon members were planning a military coup in 2009 to restore the power of the Deep State over the elected government.

  Since 2007 police have made hundreds of arrests of senior military and intelligence figures in what are called the Ergenekon ‘waves’. But along with these, they have picked up dozens of journalists and lawyers whom they accuse of working with Ergenekon for pecuniary or ideological advantage. The small but articulate class of liberal intellectuals and the larger middle class have warned that the democratic government is resorting to the sort of intimidation usually associated with the Deep State. In a sign of the times, the Ergenekon indictment relies heavily on digital evidence – mobile-phone taps, instant messaging and computer files, demonstrating the growing cyber abilities of the domestic intelligence services.

  Bilal Şen had no role to play in any of this, except that his diligence, commitment and youthful energy appeared to align him with the new Turkey rather than the old. Yet, like most Turks, he was keenly aware of the sensitive political context within which he and everyone else worked. The last thing any Turkish cop wanted was to become an innocent pawn crushed in a struggle between the Deep State and the democratically constituted government. Almost all Turks avoided public discussion of Ergenekon if they could. But all knew that the Ergenekon investigation hovered in the background of many major criminal cases, whether or not it contained overt political implications.

  Bilal would have to take care, but he was not about to give up the chase.

  While in Pittsburgh, he and Mularski developed a firm friendship and the FBI agent shared all the intelligence he could on Cha0. Between the two of them, they began to build on their sparse dossier. Mularski was able to call on his vast archive as one of DarkMarket’s key players, and Şen was able to read the Turkish runes. The Inspector wanted to assess Cha0’s personality to see if it matched any known cyber criminals back home: a lot of documents were scanned, then sent back and forth between Ankara, Istanbul and Pittsburgh.

  If things weren’t baffling enough already, they took an even stranger turn soon after Inspector Şen returned home to Ankara. A weird image was circulating on the Web.

  Bilal could barely contain his anger and frustration. Agent Mularski had sent him a photograph, which had appeared on Haber 7’s website and then the San Francisco-based Wired magazine. Sitting on a chair in his underpants was the mystery man, Kier, being compelled, it appeared, to hold up a piece of paper on which was written:

  1 I AM A KIER. MY REAL NAME IS MERT ORTAÇ

  2 I AM A PARTNER OF THE MEDIA

  3 I AM RAT. I AM PIG

  4 I AM REPORTER

  5 I AM FUCKED BY ChaO

  Half of Istanbul’s police force was looking in vain for Kier – or Mert Ortaç, to give him his real name – but Cha0 had succeeded not only in tracking him down, but in kidnapping and humiliating him as well. It was perfectly possible that the man’s life was in danger. What in God’s name was going on?

  For Bilal Şen, it was axiomatic that to take at face value anything related to the Web was unwise. As an experienced surfer of criminal boards and a student of people’s Internet behaviour, he knew that people lied, cheated, exaggerated, deceived and conspired as a matter of course. But the history of DarkMarket in Europe, and especially in Turkey, went beyond this quotidian dissimulation to evolve into a surreal tale of skulduggery, espionage and betrayal. And one with no apparent end.

  Part II

  28

  CIAO, CHA0

  From his research on DarkMarket with Keith Mularski, Inspector Şen knew that Cha0 had his own website: CrimeEnforcers.com (a play on the phrase Law Enforcers, which the criminal fraternity long ago reduced to the acronym LE as it cropped up so frequently in online discussions).

  On the CrimeEnforcers home page, Cha0 explained its aims and services:

  We are private organisation for your special developing requests. We are focused at Electronic and Computer Engineering. If you need special hardwares (especially hi-tech) nor software that can not be done or even discuss in your Country because of any reason such as laws etc. then u are at the very right place.

  We are offering absolutely anonymous & offshore developing for your projects. We dont care what you want to do with hardwares and softwares you requested to be done by us.

  Needless to say, your privacy is very important for us and we dont share with anyone else because of any reason. We don’t need your Name, Adress etc. We only need your email. You will have a certificate and account for secure login to our private forum for tracking your development, you even may ask question to engineers who engineering your project.

  If you reach this Web Site then you already know us. We are not cheap developers and we cant make partnership with you. If you wish to your dreams to come true then u have to have enough money to invest for your dreams. You even have to pay for request for quote from us for your project.

  Once you adapted to his slightly mangled Globish, Cha0’s business plan became clear. He was offering logistical services and backup for anyone interested in exploring a career in cybercrime. Rather than commit the crimes himself, he was making it easier for less-skilled computer users to engage in the practice. Computer crime was beginning to ape business models from the real world.

  On other pages of CrimeEnforcers.com you could review Cha0’s wares. His signature product was the skimmer, and it was not long before Cha0’s mail-order service for skimming devices flourished into a significant business.

  CrimeEnforcers also offered mobile credit-card readers – portable point-of-sale (POS) devices of the sort you find in most restaurants. In early 2007 police officers in several parts of England uncovered a ring of petrol-station attendants who had bought a job lot of these devices, which, it is thought, originated either from the Canadian DarkMarketeer, Dron, or from Cha0’s factory. When the customer handed over a credit card, the attendant would swipe it deftly under the counter through the illegal reader to register its details, before swiping it again through the legitimate machine.

  For those taking their first uncertain steps in the field of cyber criminality, CrimeEnforcers was replete with helpful tips that made the process so much easier. For absolute beginners, CrimeEnforcers posted helpful videos in which an animated Cha0, blessed with an electronic voice that still betrayed the distinctive timbre and lilt of the real man, offered tips and guides on how to choose the best ATMs when planning to execute a crime.

  He taught his audience, for example, that installing skimmers on ATMs where there was a high concentration of illegal immigrants was a bad idea (not much ATM traffic, a lot of prying eyes and too much criminal competition). Instead, he suggested placing them near nightclubs, ‘where rich children will often use their parents’ credit cards’.

  As a reliable supplier to criminal industries, Cha0 saw his name spread rapidly across the Internet, so it became extremely important to him to consolidate his reputation and escape detection.

  Axiomatic was the general use of Globish, a second language of bastardised English, which had become the lingua franca of the Web, acting as a cipher that enabled Brazilians to communicate with Koreans and Bulgarians with Indonesians; soon the spelling and usage of even native English-speakers started to develop in many peculiar directions on the Internet. One could hazard a guess at the origin of a message-poster, but it was usually impossible to identify with any accuracy his or her nationality.

  The same did not apply to Russian or Chinese. Posters on Russian-language criminal websites littered their comments with local slang, which some linguists may have been able to follow, but only the most gifted would be able to replicate without being spotted as a non-native speaker. FBI agents would give nothing away on an English-language board, but on a Russian board they would have a struggle getting past the first login. Although US law-enforcement and intelligence officers have used native Russian and Chinese speakers on occasions, they have certainly never possessed anything approaching the financial and linguistic resources to take control of a Russian site in the way they partially appropriated DarkMarket.

  On English-language sites, however, one was much less certain of an interlocutor’s true identity. The agency of the Web enabled, and even encouraged, people to change their personalities. This was by no means restricted to the criminal world. Dating sites were already home to some of the most sustained and intense mendacity in history. In chat rooms, people liked to impart a sense of their own talent and importance, which rarely corresponded to the mundane reality of their lives. The Web fostered this because people were unable to check up on their virtual partners’ behavioural traits. Everyone was discovering that on the Web they could lie without fear of exposure or opprobrium.

  Criminals were not only subject to the same laws on duplicity, but were especially good practitioners. DarkMarket provided ample proof. In chatlogs the fiendish Devilman, for example, would project an image of a young fast-living ladeez’ man (although he reserved his most persistent affection for cheap ‘dumps’). But when detectives knocked on the door of 62 Lime Tree Grove, Doncaster, the two-up, two-down semi where Devilman’s real-life alter ego, John McHugh, resided, they were greeted by a man in his early sixties whose first response on being informed of his arrest was, ‘Would you mind if I go and put my dentures in first?’ In court, when it came to sentencing, he included among his mitigating circumstances the fact that he had already had one hip replaced and was waiting on a second, so his mobility was severely restricted.

  But serious cyber criminals had to generate trust to do business: their reputation was crucial. In DarkMarket, you could only achieve the title of Vendor by proving to the administrators and to the satisfaction of the buyers that you could provide the market with stolen credit cards that genuinely worked. These transactions were overseen by five administrators (three after JiLsi was thrown off the site and Matrix arrested) – Master Splyntr, Shtirlitz and Cha0 (and later Lord Cyric played a role, too).

  Cha0 joined DarkMarket in February 2006, but his considerable abilities ensured a rapid rise up the hierarchy. Once he had consolidated his position as a prince of DarkMarket, he was able to focus on his real business strategy. He wanted to become the premier vendor of skimming machines and illegal readers worldwide. There was a significant demand for these devices and, if he could create a monopoly, then he would move into the next phase of his plan for maximising his revenue with minimal effort.

  Our man from Istanbul was also in charge of DarkMarket’s crucial Escrow Service, perhaps the pivotal position in the entire operation. Acting as an honest broker, he would ensure that neither a buyer nor seller of credit cards and other illegal data could rip each other off. In that sense, DarkMarket was a mafia operation in the original meaning of the phrase. It acted as the policeman or arbitrator of a criminal market, just as the men of honour started by policing the agricultural markets of Sicily in the second half of the nineteenth century, before moving into the trade in illegal weapons and building permits.

  Cha0’s reputation as a scrupulously honest escrow broker was built on his success as a wholesaler of skimming machines. Everybody trusted him. He, by contrast, trusted no one. He never gave away his IP address; he never sent a message that might implicate him in wrongdoing without encrypting it; and nobody could locate him digitally.

  Accepting that Cha0 had created a black hole in cyberspace where he was safe and invisible from the cops, Bilal Şen decided he would have to rely on more traditional policing methods to track down his suspect – the ‘plod’ factor has proved surprisingly important in the work of cybercops.

  29

  SOFTLY SOFTLY

  Istanbul, Turkey, 2008

  Still anxious that Cha0 might enjoy protection from above, Bilal Şen nonetheless persevered with his investigation. He promised to maintain close contact with Agent Mularski in Pittsburgh once he had returned to Istanbul. They had discussed the possibility of requesting the use of Cha0’s Escrow Service on DarkMarket to see if they could smoke him out that way, but quickly concluded that this was too laborious and unlikely to yield results.

  The other thing they knew about him, of course, was that he traded in skimmers. Digitally he was impossible to track down. But if Cha0 was selling these skimmers, Bilal reasoned, there were two weak points to his operation – their manufacture and their dispatch.

  Skimming ATMs was becoming such a popular sport in Turkey that ever more police officers were now schooled in how to spot them, once they had been put in place. Many of the devices were shoddily built and installed by amateurs. But flicking through the arrest and confiscation reports, the Inspector had observed that in some areas their design and style were not only improving, but it appeared that they were being manufactured in large numbers. Somewhere there must be a factory. Intelligence alerted Şen to the possible presence of skimmer factories in Romania and Bulgaria, so he sent out assistance requests to their respective police forces. The other possibility was that Cha0’s operation was masquerading as a legitimate business and ordering them from licensed manufacturers of card readers inside Turkey.

  Once he had acquired the skimmers, Cha0 would somehow have to distribute them. Mularski and Şen had uncovered some evidence suggesting that his products were going as far abroad as the United States, New Zealand and South America, and that some were bulk purchases. In that event, he was unlikely to be using personal couriers. Given the numbers he was beginning to shift, this was probably prohibitively complicated. Bilal pondered the reasons for the increase in productivity, but drew a blank.

  He was unaware that one year earlier, in the late spring of 2007, Cha0 had fallen out with Dron, the Canadian skimmer specialist whom the Secret Service and Detective Spencer Frizzell of the Calgary Police were preparing to arrest. Cha0 claimed that Dron was ‘a difficult character’ who irritated his customers and had therefore sullied the good reputation of DarkMarket. The many positive messages about Dron’s service suggested that Cha0’s motivation may have been different – certainly other carders on the board maintained that Cha0 had deliberately targeted Dron for his own reasons.

 
