Link to Youtube video
https://www.youtube.com/watch?v=i8LM0HX7Gqg

Link to report domain attack to USOM

Usom.gov.tr/en/report

Link to Us Military National Cyber summit
https://youtu.be/SqOnIzNBA5Q

Official Statement regarding East Vs West Arm Wrestling Domain Transfer Introduction

Hello, my name is Steven T. Bryant and I am the CEO of Global Ethical Hackers.
I have accepted awards in Silicon Valley, an award from the Institute of Engineering and Technology sponsored by GCHQ in England, and have spoken at the US Military national cyber summit about 2FA.For anyone who does not know what GCHQ is, it the organization working alongside spy agencies Mi5 and Mi6.In addition to providing ethical hacking services, Global Ethical Hackers specializes in educating our clients about cyber security best practices and, most relevant for this report, forensic investigating.
If you are unaware of the current situation, two legends of sport, Gigantor, Brian Shaw, and The Beast, Eddie Hall, were endeavouring to advance professional arm wrestling into mainstream sports via the Brian Shaw classic.
During that time these efforts were disrupted when the domain “East Vs West Arm wrestling.com” was transferred away from its registered owner.
This caused a significant disruption to the services and, according to East Vs West management,is causing considerable financial damage.
This situation led Robert Baxter, the owner of East vs West arm wrestling LLC, to engage Global Ethical Hackers to undertake an independent investigation of the domain transfer and present a report of our findings.

Reports and Updates

All statements and updates from this investigation, as well as selected evidence can be found on our website Global EthicalHackers.com/evw.

Global Ethical Hackers is committed to mitigating the risk of cyber attacks against East Vs West Arm Wrestling. We understand athletes, announcers and commentators’ social media accounts generate significant revenue, as well as promote the sport and provide information about future events.
To protect those income streams we are offering our services of implementing cyber security best practices, free of charge, to East Vs West professionals to help defend against and recover from future attacks.

Contact us

EVW professional athletes announcers and commentators, please email us at evw@globalethicalhackers.com with your name as the subject.

Our Findings

Addressing some circulated theories

1. Removal of a Credit Card

We are aware that it has been suggested online that the credit card on file was intentionally removed to prevent the domain from being auto renewed.

This statement appears to be false, as a receipt provided by Engin Terzi shows the payment to renew the domain in August of 2024 was carried out by bank transfer and not by credit card.

2. Backorder transfer of domain

We are aware that it has been discussed online that a backorder somehow led to the transfer of the domain.

A backorder domain purchase occurs when a registrar reserves the right to be the first in line to bid on, or purchase, a domain after it expires and becomes available for sale.

Hostinger has confirmed that backorder purchasing is not a service that they offer.Based on this statement, it is evident that the transfer of the domain from Isimtecil to Hostinger, shortly after the August 10th expiry date, was not a back order domain purchase.

Evidence of a Cyber Crime

Cybercrime encompasses illegal activities that involve computers, networks, or digital devices. These crimes can target individuals, organizations, and governments and often aim to steal sensitive information, extort money, or disrupt operations.

We understand that Mr. Terzi was the registered owner at the time of the transfer and, even though the domain had expired, his authorization was required to transfer the domain. Mr. Terzi has stated that he did not transfer the domain nor authorize it to be done.

According to East Vs West, the unauthorized transfer of the domain in this case disrupted its service, is causing significant financial damage and the miscreant involved sent communication to sell back the domain.

Based on these two statements, the transfer was evidently a cybercrime.

Status of The Domain

Contrary to some statements circulating online, the domain is still not in the possession of East Vs West Arm wrestling, the trademarked holder of the business.

Global Ethical Hackers has been informed by the registering agency, Hostinger, that it has placed a 60 day block, preventing the domain from being transferred to any other registrar.

There is a process underway, which Global Ethical Hackers is trying to aid, to have the domain transferred back to East Vs West.

Who transferred the domain

We are aware that there has been some speculation online about whether someone from East Vs West or their streaming partner, Kiswe, transferred the domain after August 10 2025

Identity of the miscreant?

Who created and was in control of the accounts for the domain.In a written conversation with Onur Ağcataş, Mr. Ağcataş wrote that he created the accounts and passwords for the Isimtecil and the Gmail account used to login and control the domain. Mr. Ağcataş also stated the passwords were the same for both accounts.

Mr Ağcataş wrote he did not share the credentials with Mr. Terzi.

It has also been suggested, and was indicated to Global Ethical Hackers, that credentials to the Gmail account that was used as the Username for the registrar were significant in the transfer.

Part of this theory was that the passwords for the Gmail and the Isimtecil were the same, and therefore if individuals had access to one they could be assumed to have access to both.

The importance of access to the Gmail account is that it would required to retrieve the 6 digit 2 factor authentication code required to complete the login process to transfer the domain.

What is 2FA and was it used?

2FA (two-factor authentication) is a security method that requires two distinct forms of identification to access an account or system, adding a crucial layer of protection beyond a simple password.

This dual-proof system significantly hinders unauthorized access, safeguarding sensitive data and accounts from potential cyber threats like phishing or credential
theft. The transcripts show that 2FA was in fact in use in this case

The Gmail account is not relevant.

Although indications were that access to the Gmail account was necessary in order to transfer the domain from Isimtecil, this statement appears to be not true.

I set up an Isimtecil account. After attempting several logins a telephone call was placed to Isimtecil. Isimtecil told Global Ethical Hackers that the required 2FA code is only sent via sms to a sim card. Isimtecil indicated that they do not offer the service of sending the 2FA code via email.

Synopsis of events

In January of 2025 Peter Clarke from Kiswe and Adam Silver from East Vs West were tasked with integrating the live stream with the domain to offer pay per view services.

Mr Ağcataş provided the Username (Gmail account) the password and the location to login to Isimtecil to Mr. Silver on January 21st and on the same day Mr. Silver shared these credentials with Peter Clarke. This has been confirmed with transcripts of the conversations.

The transcripts show on the same day Adam silver and Peter Clarke successfully logged into the Isimtecil account 1 time each. Mr. Silver, Mr. Clarke and Mr. Ağcataş have confirmed this.

The evidence shows that on both instances on January 21 2025 where the login to the Isimticel account was successful, the 6 digit 2FA code was sent by Isimticel and was provided by Mr. Ağcataş to Mr. Silver and Mr. Clarke.

Once it was provided by Mr. Ağcataş to Mr. Silver at the request of Mr. Silver and once it was provided to Mr. Clarke at the request of Mr. Clarke, in the latter case at the exact same minute. 6:32 am Pacific Daylight Time or 16:32 in Turkey.

This indicates that for the January work to integrate the live stream, the 2FA code provided by Mr. Ağcataş would have been sent via sms to the sim card that Mr. Ağcataş was able to retrieve and provide to Mr. Clarke at the exact same minute.

Based on this evidence, it appears that Mr. Clarke and Mr. Silver could not have been involved in the transfer of the domain in August without access to the phone associated to the Isimtecil account.

None of these parties, at any stage , have indicated that Mr. Clarke nor Mr. Silver might have somehow had access to the device that contianed the sim card.

It also indicates that the 2FA code Mr. Ağcataş required to generate the transfer codes to transfer the domain in March would have also have been sent via sms to the device using the sim card attached to the number on file at Isimtecil.

The Joy of 2FA

In addition to previously listed advantages, 2FA also serves to prevent fraud and assist in identifying those who commit it.

In this case we are no longer looking for the IP address hiding behind a veil of a VPN to find out who transferred the domain. Establishing the owner of the SIM card on file will be a key piece of evidence to conclude who transferred the domain.

To purchase a SIM card in Turkey, you must present a valid ID, such as a passport, to prevent fraud and ensure the number is registered to you.

The authorities can retrieve this information in one inquiry, as it is listed on file at Isimtecil.

Wrap up and Moving forward

Filing the report

Global Ethical Hacker is pleased to confirm that Turkey’s primary cyber breach authority, recently established, the National Cyber Incident Response Center, USOM, has responsibilities and authority over this cyber attack.

The agency was created under Presidential Decree No. 177 in January 2025 and detailed in the comprehensive 2025 Cybersecurity Law (Law No. 7545) on March 19, 2025. USOM has the legal powers to commence a formal investigation and bring the those responsible for the attack to justice.

USOM obliges registered owners of a domain that has suffered a breach, to report the breach immediately.

We have reminded Mr. Terzi, the listed registered owner at the time of the attack, of his obligations to report of the breach to USOM. We are awating confirmation from Mr. Terzi that the breach has been reported to USOM.

Not only is this filing an important obligation, it is the step in discovering who was responsible for the attack and see them punished.

Best Practices

Domain Name Responsibilities

Domain names are used for criminal activities including phishing, malware distribution, spam campaigns, fraudulent e-commerce, domain hijacking, and spreading illegal content such as child exploitation material.

As such, authorities place significant responsibilities on the registered owners of domain names. In continually increasing efforts to protect the innocent, these responsibilities carry significant penalties for non-compliance, and, more and more, negligence is no excuse in the eyes of the law.

For any domain owners, we advise taking these responsibilities seriously.

Two factor authentication

It is always best to use Two factor authentication and ensure the protection of your domain. We recommend not sharing the password credential for the domain with anyone. If you have done so, change them immediately as practically as possible. This is part of an umbrella concept known as zero trust, where lax controls easily merged into negligence and can have serious consequences. It is evident from this case and many others, that once the attack has been committed it creates a difficult and expensive situation to redress.

Password Strength

Create a strong password, possibly using a GATE password as found on our website, to prevent miscreant hackers from gaining access.

Up to date Anti Virus

It is always best to use up to date antivirus to help prevent breaches and protect your valuable information.

Contact Us

EVW professionals please email us at evw@globalethicalhackers.com with your name as the subject.

Share

Please share this video so East Vs West Arm wrestling professionals can allow Global Ethical Hackers help protect their accounts, at no cost to them, and other arm wrestling fans can learn about, and benefit from, best practices.