The International Press Institute, IPI – a global network of editors, media executives and journalists, with a mission to defend media freedom and the free flow of news – and the Media Freedom Rapid Response, MFRR – a Europe-wide mechanism that tracks violations of press freedom in EU Member States and candidate countries – on January 10 condemned the cyber-attack and false copyright claims that BIRN received in December 2023.
“International Press Institute, IPI condemns the recent DDoS cyber-attack and two allegedly fraudulent copyright claims filed against BIRN which comes after it refused to delete public interest reports on convicted Turkish fraudster Yasam Ayavefe,” stated IPI.
MFRR included the attacks against BIRN on its Mapping Media Freedom map.
The Balkan Investigative Reporting Network’s website, Balkan Insight, on December 22 received a major distributed denial-of-service DDoS attack after it published news about false copyright claims made over two of its articles concerning convicted Turkish fraudster Yasam Ayavefe.
A DDoS attack is a malicious attempt to disrupt the regular functioning of a targeted server by overwhelming it with a flood of internet traffic.
BIRN on December 19 had published a news article, “BIRN Texts on Turkish Fraudster Falsely Reported over Copyright,” about two false copyright infringement complaints it had received concerning two of its articles.
The first article, published February 15, had been about a cyber-attack on the Greek media outlet Documento, after it reported that Ayavefe’s wife had secured fake ID papers from an organised crime gang.
The second article, published July 26, had been about the request of an Ayavefe representative for BIRN to remove its reports about his client.
“These kinds of posts affect the business life of my client [Ayavefe]. He has invested in so many countries and posts like this cause my client material and moral damage,” Bener Ljutviovski, who introduced himself as Ayavefe’s representative, told BIRN in an email.
BIRN received the copyright infringement complaints via a hosting company that leases out servers, submitted by two people under the name of Rocky Paul, purportedly based in Colorado, US, and from an individual named Sharon Henkel, purportedly based in France.
The complaints claimed that a blogspot page titled Global News Express and a Tumblr account called “mindbluray” had originally published the BIRN articles.
However, the alleged authors had merely republished the BIRN articles, changing the dates from February 26 to February 1 and from July 26 to July 21.
It is not the first time cyber-attacks have buffeted BIRN; in September 2022, BIRN and its Greek partner media outlet Solomon’s websites came under a DDoS attack after publishing an investigation on how Ayavefe – despite being convicted by a Turkish court in 2017 of defrauding online gamblers and arrested in Greece in 2019 trying to cross the border into Bulgaria on a false passport – got honorary Greek citizenship.
The investigative outlet Inside Story first wrote about Ayavefe’s Greek citizenship – and came under a DDoS attack after publishing its report on him.
In the meantime, Ayavefe managed to get 201 online content items in Turkey removed under three court orders. The removed content included news articles, social media posts and even the official website content and social media posts of the Turkish Police.
Ayavefe’s representative in July, besides asking for the removal of the articles, offered BIRN financial incentives in return for compliance. “My client Dr Yasam Ayavefe has an advertising company, if you help us in this case we can provide advertising services to your organisation, so you can grow to a bigger organisation. We would love to cooperate with you,” he wrote.
BIRN rejected Ljutviovski’s offer and his repeated demands to remove the articles about Ayavefe.