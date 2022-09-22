A hackers’ group from Bangladesh recently targeted hundreds of state government websites across India, and also a central government server. Some 500 websites of various ministries and government departments of Gujarat, Uttar Pradesh, Assam, Punjab, Chhattisgarh and Tamil Nadu were targeted by the group that calls itself “Mysterious Team Bangladesh” (MTB), Zee News has learnt.

No data was stolen or adverse messages displayed, implying the hackers were more interested in just making a point rather than causing any serious damage. The modus operandi was similar to many hacking incidents in the past – DDoS (Distributed Denial of Service) attacks against domains and sub-domains. The act was in response to the Nupur Sharma episode, it is believed.

Bengaluru-based cyber intel firm CloudSEK identified one of the hackers as Taskin Ahmed. The rest of the group comprises students or recent graduates between 20 and 25 years of age, who previously operated under hackers’ groups such as “Elite Force 71” and “Bangladesh Cyber Anonymous Team”.

Associated with Indonesia-based “Hacktivist of Garuda”, MTB members have a history of mass reporting content on public platforms such as Facebook and YouTube. They are said to reside in Bangladesh’s Chittagong, and operate and communicate via Facebook, Twitter and Telegram.

The matter came to light when an MTB member with the handle D4RK_TSN made a post claiming to have launched an HTTP flood DDoS attack on government websites. The posts were made on Facebook, Telegram and Pastebin.

Most of the websites targeted were of the Gujarat government. Portals of the chief minister’s office, Home, finance, education, health and tribal ministries were some of the 475 government websites identified that were breached.

Around 20 websites of the UP government were also targeted. These include the Home, Parliamentary Affairs, irrigation and labour ministries and departments. Apart from these, the portals of Punjab and Tamil Nadu governments were also breached by the hackers.

MTB used the ‘Raven Storm’ tool for the attacks, CloudSEK said. The tool uses multi-threading for sending multiple packets at the same time to get the target down.

“Such attacks compromise the security and confidentiality of data on websites. Some security features might malfunction, further escalating the site’s vulnerability to cyber attacks. Website infrastructural damage might render its services and resources inaccessible to the user,” said Abhinav Pandey, cyber threat researcher at CloudSEK.