New Dark Web Forum “Kurd Hacker Forum” Emerges Targeting Middle Eastern Data Breaches

A newly established dark web forum calling itself the “Kurd Hacker Forum” has emerged with a focus on posting alleged data breaches from entities in Iraq, Syria, and Turkey. The forum, which registered its domain on January 28, 2026, according to WHOIS records, has rapidly grown to over 800 members and mirrors the structure of notorious predecessor forums like BreachForums and RaidForums.

Forum Structure and Organization

The Kurd Hacker Forum has adopted a familiar organizational structure that closely resembles previous illicit data-sharing platforms. The forum features multiple specialized subforums, including:

• Databases – For sharing stolen database dumps
• Cracking Tools – Tools for breaking security measures
• Combo Lists – Username and password combinations
• Cracked Tools – Pirated software and utilities
• Cracked Accounts – Compromised user credentials
• Doxes – Personal information exposure
• Exploits – Security vulnerability exploits
• Hacking Tools – Offensive security tools
• Malware – Malicious software distribution

Content on the forum is posted in both English and Kurdish languages, indicating a bilingual user base with regional focus.

Alleged Data Breaches

The forum hosts numerous threads claiming to contain breached databases from government and institutional entities across the Middle East region, including:

Turkey

• Turkey Covid Vaccination Database (SQL format)
• Turknet leak
• Aydın Adnan Menderes University database

Iraq

• Iraq Traffic Database
• Iraq Federal Police database
• Iraq Citizen Database
• Database of Political Prisoners in Iraq
• Al-Hashd Al-Shaabi (Popular Mobilization Forces) data

Syria

• Syrian Ministry of Health database

Membership and Staffing

Despite being operational for less than two weeks at the time of analysis, the forum has demonstrated rapid growth:

• Total Members: Over 800 as of early February 2026
• First Member: “Shada Kurdistani” joined on January 28, 2026 (the domain registration date)

The forum operates with a four-tier staff hierarchy:

• Administrators – 4 members
• Super Admin – 6 members
• Cyber Shield – 1 member
• Admin – 2 members

The most prominent member appears to be “Dr.Scouser,” who holds a “Super Admin” position and is reportedly the wealthiest member of the forum based on internal currency or reputation metrics.

Threat Intelligence Implications

The emergence of this forum represents several concerning trends:

1. Regional Targeting: Focused attacks on Middle Eastern government and institutional databases
2. Rapid Growth: Quick membership expansion suggests significant interest in regional data
3. Infrastructure Vulnerabilities: The accessible admin panel indicates poor operational security
4. Threat Actor Networking: Promotion by established groups suggests coordination within the cybercriminal ecosystem

Conclusion

The Kurd Hacker Forum represents a new threat vector specifically targeting Middle Eastern entities. Its rapid growth, organized structure, and backing from established threat actors suggest it could become a significant platform for regional data breaches. The forum’s security misconfiguration, while providing potential intelligence-gathering opportunities for law enforcement, also underscores the amateurish aspects of its operation.