Menu
Browse

Cyber Threat Actor: AhmetU

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Activist
China
1 incident
Profile

The threat actor is known by the aliases AhmetU and Uyghur Hackers. Public sources associate the actor with China as its location. These identifiers are used in reporting of the actor's activities.

On February 26, 2016, AhmetU was reported to have compromised the website korfeztuning.com. The intrusion resulted in the extraction of user data from the site's database. The actor subsequently published the stolen information online.

The dumped data contained 17,417 usernames paired with their corresponding passwords. Notably, the passwords were stored in clear text rather than being hashed. This exposure allowed anyone with access to the dump to view the credentials in plain form.

The same actor is also referenced in some reports as the Uyghur Hackers collective. The alias AhmetU appears to be the primary handle used in the korfeztuning.com incident. Both names refer to the same threat actor in open source reporting.

Beyond the korfeztuning.com breach, the provided source material does not contain additional details about the actor's typical targets, sectors, geographic focus, strategic objectives, malware families, initial access vectors, tooling, or affiliations. Consequently, any description of broader campaigns or operational patterns would be speculative and is omitted here. The profile therefore remains limited to the confirmed facts outlined above.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources