As you know, Hackers-Arise offers a service we call Digital Forensic Investigator for Hire. Most of our cases fit into the following categories;
1. Cyber Bullying
2. Identity Theft
3. Bitcoin and other cryptocurrencies stolen
4. Porn revenge
Recently, a totally different type of case came to our attention.
Apparently, there is an organization known as the World Association of Science, Engineering and Technology or WASET. WASET is apparently run and owned by the former science teacher, Cemal Ardil, of Turkey. This organization for years has been putting on sham academic conferences around the world. You can read more about them in these investigative reports online.
https://wasetwatch.wordpress.com/2017/10/04/waset-academic-conference-scam/
http://min-eng.blogspot.com/2013/04/are-these-waset-conferences-just-scam.html
It is estimated that this organization garners over $4m per year offering these sham academic conferences.
Many people have speculated that there must be someone else behind this worldwide scam beside this former science teacher, Cemal Ardil, but despite the efforts of several skilled investigators, no one has been able to find or identify that individual…until now.
Introductio
WASET or the World Organization for Science, Engineering and Technology seems from all appearances to be a peer reviewed academic conference and publisher. Researchers from around the world submit their manuscripts for publication and presentation at these prestigious sounding conferences, for a price. When the presenters appear at the conference, instead of presenting before hundreds or thousands of their peers in a high-class hotel conference room (as the conference materials state), instead they present their paper before 6-8 researchers from diverse and unrelated backgrounds in a second rate hotel.
It appears that this prestigious sounding conference is really a front for what is referred to “predatory publishing”. The conference appears to be prestigious in a first rate hotel where you can present your findings to colleagues from around the world
Not only is this a classic “bait-and-switch” scam, but the organizer, Cemal Ardil, often republishes the papers under his own name thereby elevating his academic credentials.
Methodology
In an attempt to determine the identities of the people involved, we scanned the web pages of www.waset.org for documents and other files. By downloading and reading the metadata of these files one can often ascertain users, emails, network and other critical information. Unfortunately, this scan only revealed metadata from the papers submitted and nothing about the owners/perpetrators at WASET.
In our next step, we scanned the website www.waset.org for its Google tag. This tag is used by most websites to analyze the visitors to the website. This is a unique tag for each user or entity and it enables that user/entity to access the data collected from the visitors to the site. This information includes IP addresses, location, age, gender, education, interests, income and many other attributes of the web site visitors.
Hackers-Arise maintains a database of millions of websites’ Google tags. This database extends back over 5 years. With it, we can ascertain which websites are owned by the same entity or company. As the Google tag is unique, it is highly unlikely that a website with the same tag would have different ownership (the probabilities approach zero). When we ran www.waset.org tag against our database, we found numerous websites with the same tag implying they were owned and managed by the same entity.
In our next step, we examined the Whois entry for each of these domains. Whois enables us to find the person who registered the domain including their email address, their mailing address and phone number. In recent years, many companies have begun to use a third-party company to register their website to keep their identity confidential (for a price). This has made Whois lookups less and less fruitful source of information.
Results and Conclusions
Using the address of WASET as it appears in there Whois results, It appears to be an unpretentious office in a commercial district (see Google street view below). Certainly not what one would expect from an entity reaping over $4m/year in revenue
From our database of website Google tags, we found the following websites all using the same tag as www.waset.org (UA-25347189).
congressiq.com
firsatbulur.com
iast.org
internationalscienceconference.org
internationalscienceindex.org
internetiq.org
iuet.org
iust.orgl
luniversite.org
scholarly.org
thedigitaluniversity.org
the-scholar.org
the-university.org
the-university.org
waset.com
waset.eu
waset.org
waset.us
wuset.org
As mentioned above, using the same Google analytics tag presumes the same ownership. Based upon this assumption, we searched the WhoIs database for ownership of each of these sites. All of them came back with Cemal Ardil or a shell corporation based in Turkey or the UAE, such as overseedomainmanagement. That is, they were all registered to Cemal Ardil with the one exception, www.iast.org.
You can see the Whois registration of www.iast.org below.
This website was only online from March 2016 until September 2017. Despite no longer being online, this domain is still registered to Michael Zielinski.
See Michael Zielinski’s Linkedin profile below
Zeilinski characterizes himself as an “angel” investor in numerous websites and applications. He holds his investments in a corporation know as Worldengine. You can see his numerous holdings listed on his website Worldengine.com below.
This site includes only a small subset of websites and applications that Zielinski’s Worldengine has invested in over the years. www.waset.org is notably absent from this list.
From this information we can reasonably conclude that Michael Zielinski is the money man behind www.waset.org. The fact that he shares the same Google analytics tag and is an investor in websites reasonably leads to the conclusion that this is the prime mover of WASET and likely the largest financial beneficiary of the unscrupulous business practices of WASET.
For more information on our findings, contact hackers-arise-info@protonmail.com.