Turkish National Intelligence Organization (MIT)’s cyber operation against the encrypted messaging application ByLock uncovered the internal communication network and organizational hierarchy of the Gülenist Terror Group (FETÖ), providing evidence that later became central to thousands of terrorism-related prosecutions following the failed coup attempt of July 15, 2016.

According to information compiled from judicial findings and official accounts, ByLock was developed as a dedicated encrypted communication platform used exclusively by members of FETÖ. Unlike widely available messaging applications, the system operated as a closed network that could only be accessed by users who possessed platform-generated identification numbers and mutual authorization, preventing random users from joining.

MIT first learned of the application's existence in July 2014 through intelligence sources that had infiltrated the group. Subsequent technical analysis concluded that the software had been developed in late 2013 under instructions from senior figures within FETÖ's cyber structure, shortly before the Dec. 17-25, 2013 investigations in Türkiye.

Following those findings, MIT established a specialized cyber team consisting of database experts, cryptologists, network specialists, ethical hackers and reverse-engineering analysts to identify and penetrate the application's infrastructure.