How hackers from Bangladesh are targeting Indian government websites, servers

Bangladeshi hackers are using DDoS (Distributed Denial of Service) attacks against domains and sub-domains of several state governments and a web server hosted by the Indian government.

advertisement
Bangladeshi hackers attack Indian government websites
According to sources, the government is closely monitoring attacks coming from foreign countries.

Bangladeshi hacktivists have created havoc by attacking hundreds of Indian websites. The attack by the group Mysterious Team Bangladesh (MT) came days after Malaysian hacktivist groups known as DragonForce and Hacktivist of Garuda launched a series of cyber attacks against the Indian government over Nupur Sharma's remark on Prophet Muhammad.

Like DragonForce, Bangladeshi hackers are using DDoS (Distributed Denial of Service) attacks against domains and sub-domains of several state governments and a web server hosted by the Indian government. The attacks were found by researchers of Bangalore-based cyber security firm CloudSEK, which in its report said that the websites belonging to the governments of Assam, Madhya Pradesh, Uttar Pradesh, Gujarat, Punjab and Tamil Nadu were affected.

According to sources, the government is closely monitoring attacks coming from foreign countries. Interestingly, over 2,000 websites were hacked last time, after which Deputy Commissioner Amit Vasava, Ahmedabad Cyber Crime, had written to the Malaysian and Indonesian governments and Interpol to issue lookout notices for both groups.

Since then, attacks from two popular groups, DragonForce and Hacktivist of Garuda, have stopped. But now, smaller hacking groups have emerged who are constantly trying to break into Indian cyber infrastructure.

ALSO READ | Cyber war against India over Nupur Sharma's Prophet remark

According to the CloudSEK researcher, this came to light when a member of Mysterious Team Bangladesh (MT) made a post claiming to have launched an HTTP flood DDoS attack on government websites. Similar posts were seen on multiple platforms, including Facebook, Pastebin, and Telegram.

Post from Telegram Channel - Mysterious Team Bangladesh

CloudSEK concluded the use of the Raven Storm tool by Mysterious Team for DDoS attacks. The tool uses multithreading for sending multiple packets at the same time to get the target (server) down.

ALSO READ | Prophet row: International hackers launch series of cyber attacks on India against Nupur Sharma’s statement

"Through meticulous analysis and profiling of multiple groups, it can be rightly concluded that such hacktivist groups collaborate amongst each other excessively to conduct nefarious attacks, DDoS being the primary one, followed by defacing attacks. Raven Storm has been the most prevalent tool employed, for such impactful DDoS attacks, by such hacktivist groups”, Abhinav Pandey, Cyber Threat Researcher- CloudSEK.

WHAT IS THE MYSTERIOUS TEAM BANGLADESH (MT)

Mysterious Team Bangladesh (MT) are predominantly motivated by hacktivism and has associations with an Indonesia-based hacktivist group, “Hacktivist of Garuda”. They also have a history of involvement in mass reporting of content across public platforms like Youtube, Facebook, Linkedin, etc.

Facebook Page and Mobile Number of Mysterious Team

One of the co-founders of Mysterious Team Bangladesh (MT) has been recognised as Taskin Ahmed. The rest of the group primarily consists of students or recent graduates between the ages of 20 to 25 years that previously operated under hacker organisations like Elite Force 71, Bangladesh Cyber Anonymous Team, and Taskin Vau. Members primarily reside in the Chittagong area of Bangladesh and either study in college or have recently graduated.

IMPACT AND SOLUTION

DDoS can leave websites more vulnerable as some security features may be offline due to an attack. Damaged infrastructure can cause the collapse of services provided by a website. Websites become vulnerable to further attacks. Loss of data and credentials are compromised.

According to cyber experts, such attacks compromise the security and confidentiality of data on websites. Some security features might malfunction, further escalating the site’s vulnerability to cyber-attacks.

Website infrastructural damage might render its services and resources inaccessible to the user. Measures to protect against such malicious attacks include blocking unnecessary IP addresses and deploying Load Balancer and DDoS protection services. Regular upgradation of software and conducting vulnerability assessments of impacted web servers help identify and bridge the gap in security.

(This article is authored by Shashank Shekhar who is an independent journalist and writes on cyber security and emerging technologies.)

ALSO READ | Prophet row: International hackers launch series of cyber attacks on India against Nupur Sharma’s statement

--- ENDS ---