September 29, 2023

A Bangladeshi hacktivist group is ramping up cyberattacks on India and Israel, motivated by politics and faith, researchers have discovered.

Since June of last year, Mysterious Group Bangladesh has launched more than 750 distributed denial-of-service (DDoS) attacks that overwhelm websites with junk traffic, as well as over 70 defacement attacks that change website appearances to show unauthorized content. Thirty-four percent of these targeted India, while 18 percent focused on Israel.

According to a report by cybersecurity firm Group-IB, the Bangladeshi hacktivist collective was founded in 2020 by a threat actor who goes by the username D4RK TSN.

However, the group only began to garner international attention in 2022 after a series of cyberattacks against high-level targets in India and Israel.

Hacktivists’ targets include the government, financial, and transportation industries, but they mostly focus on specific countries rather than individual companies or sectors, researchers said.

Like many hacktivists, Bangladeshi hackers are often motivated by various news events, which prompt them to initiate attacks against specific countries.

In the case of Mysterious Group Bangladesh, these news events are usually linked to politics or faith.

In February, the group went after several organizations in Sweden, likely triggered by an incident involving the burning of the Quran. Around the same time, another hacker group, Anonymous Sudan, also attacked Sweden for the same reason.

The attack on Australian organizations might have been triggered by the use of the word “Allah” in the clothing designs showcased during a fashion show in Melbourne.

Mysterious Group Bangladesh primarily uses DDoS or defacement attacks against its targets. However, there have been instances where the group managed to gain access to web servers and administrative panels by exploiting known vulnerabilities or using common passwords for admin accounts, the researchers said.

Before launching a full-scale attack, the group usually conducts a short “test attack” to check the targets’ resistance to DDoS attacks.

The group most often exploits an open-source administration tool called PHPMyAdmin and the WordPress website builder.

Besides India, which remains its most popular target, Mysterious Group Bangladesh has recently attacked organizations in Israel, Senegal, Ethiopia, Australia, Sweden, and the Netherlands.

Researchers believe that in 2023, the group will likely expand its operations, with a particular focus on financial companies and government entities in Europe, Asia-Pacific, and the Middle East.

“The specter of hacktivism is usually underestimated,” the researchers said. However, their actions can disrupt critical systems and lead to huge financial and reputational losses for affected organizations.

Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.