ISTANBUL // Turkish authorities were able to trace thousands of people they accuse of participating in an underground network linked to last month’s failed military coup by cracking the weak security features of a little-known smartphone messaging app.
Security experts said the app, known as ByLock, appeared to be the work of amateur software developers and had left important information about its users unencrypted.
A senior Turkish official said Turkish intelligence cracked the app earlier this year and was able to use it to trace tens of thousands of members of a religious movement the government blames for last month’s failed coup.
Members of the group stopped using the app several months ago after realising it had been compromised, but it still made it easier to swiftly purge tens of thousands of teachers, police, soldiers and justice officials after the coup.
Turkey blames followers of US-based exiled cleric Fethullah Gulen for the July 15-16 attempted coup. Mr Gulen denies any connection to the plot.
“The ByLock data made it possible for us to map their network — at least a large part of it,” a Turkish official said. “What I can say is that a large number of people identified via ByLock were directly involved in the coup attempt.”
The Turkish official said ByLock may have even been created by the Gulenists themselves so they could communicate.
“ByLock is an insecure messaging application that is not widely used today,” Tim Strazzere, director of mobile research at US-Israeli security firm SentinelOne said. “Anyone who wanted to reverse engineer the app could do so in minutes.”
More than a dozen security and messaging experts said they had never heard of ByLock until it was mentioned in recent days by the Turkish authorities.
According to Matthew Green, a cryptologist and assistant professor of computer science at Johns Hopkins University in the United States who examined the app’s code, the ByLock network generates a private security key for each device, intended to keep users anonymous.
But these keys are sent to a central server along with user passwords in plain, unencrypted text, meaning that anyone who can break into the server can decrypt the message traffic, he said.
“From what I can tell it was either an amateur app [most likely] or something that someone wrote for the purpose,” he said.
Meanwhile in Turkey on Wednesday, the head of a top European rights watchdog backed a “cleaning up” of Turkish institutions in response to the coup.
Despite growing concern over the crackdown, Council of Europe chief Thorbjorn Jagland said there had been insufficient understanding in Europe about the challenges faced by Turkey.
His comments came as President Recep Tayyip Erdogan, in a rare apology, asked forgiveness for having an alliance with Mr Gulen in the early years of his political career.
Almost 26,000 suspects have now been rounded up.
Mr Jagland’s comments accepting the need for a crackdown contrasted with the tone of several EU officials who while condemning the coup have expressed alarm over the scope of the arrests.
“I recognise that of course there is a need for taking on those who were behind this coup and also on this secret network,” Mr Jagland said after talks with Foreign Minister Mevlut Cavusoglu in Ankara.
“I would like to say there has been too little understanding from Europe over what challenges this has caused to the democratic and state institutions of Turkey,” said Mr Jagland, referring to Mr Gulen’s group.
Turkey has sent an array of documentation to the United States asking for Mr Gulen’s extradition and has so far expressed exasperation over the slowness of Washington in taking up the issue.
The coup was led by disgruntled elements in the military who the authorities say were followers of Gulen fast-tracked to senior positions by rigging in examinations.
*Reuters and Agence France-Presse
