Bangladeshi hacktivists targeting India, Israel with DDoS attacks

A Bangladeshi hacktivist group is ramping up cyberattacks on India and Israel, motivated by politics and religion, researchers have found.

Since June of last year, Mysterious Team Bangladesh has launched more than 750 distributed denial-of-service attacks (DDoS) that overwhelm websites with junk traffic, as well as over 70 defacement attacks that change website appearances to show unauthorized content. Thirty-four percent of those targeted India, while 18 percent focused on Israel.

According to a report by cybersecurity firm Group-IB, the Bangladeshi hacktivist collective was founded in 2020 by a threat actor who goes by the username D4RK TSN.

However, the group only began to garner worldwide attention in 2022 after a series of cyberattacks against high-level targets in India and Israel.

Hacktivists’ targets include the government, financial, and transportation industries, but they mostly focus on specific countries rather than individual companies or sectors, researchers said.

Similar to many hacktivists, Bangladeshi hackers are often motivated by various news events, which prompt them to initiate attacks against specific countries.

In the case of Mysterious Team Bangladesh, these news events are typically linked to politics or religion.

In February, the group went after several organizations in Sweden, potentially triggered by an incident involving the burning of the Quran. Around the same time, another hacker group, Anonymous Sudan, also attacked Sweden for the same reason.

The attack on Australian organizations might have been triggered by the use of the word "Allah" in the clothing designs showcased during a fashion show in Melbourne.

Mysterious Team Bangladesh mainly uses DDoS or defacement attacks against its targets. However, there have been instances where the group managed to gain access to web servers and administrative panels by exploiting known vulnerabilities or using common passwords for admin accounts, the researchers said.

Before launching a full-scale attack, the group typically conducts a short "test attack" to check the targets' resistance to DDoS attacks.

The group most often exploits an open-source administration tool called PHPMyAdmin and the WordPress website builder.

Besides India, which remains its most popular target, Mysterious Team Bangladesh has recently attacked organizations in Israel, Senegal, Ethiopia, Australia, Sweden, and the Netherlands.

Researchers believe that in 2023, the group will likely expand its operations, with a particular focus on financial companies and government entities in Europe, Asia-Pacific, and the Middle East.

“The threat of hacktivism is often underestimated,” the researchers said. However, their actions can disrupt critical systems, and lead to massive monetary and reputational losses for affected organizations.