Wednesday, January 8, 2025
HomeCyber Security NewsMysterious Team Bangladesh Hackers Launched 750 DDoS Attacks and Hacked 78 Website

Mysterious Team Bangladesh Hackers Launched 750 DDoS Attacks and Hacked 78 Website

Published on

The notorious Hacktivists group, Known as Mysterious Team Bangladesh, exploits vulnerable versions of PHPMyAdmin and WordPress.

It conducts DDoS and defacement attacks through open-source utilities and is believed to have carried out over 750 DDoS and 70+ website defacements within a year.

The group has been active since 2020 and targets logistics, government, and financial sector organizations in India and Israel.

The Group-IB Threat Intelligence shared the latest report on Mysterious Team Bangladesh activities.

Detailed analysis:

According to the report, India was the most targeted nation, and the group launched a large-scale campaign against India in May 2023.

It is suspected that the group will expand its operation across Europe and Asia Pacific and the middle east at the end of 2023.

The most common technique utilized by the group to target the victim is DDOS and defacement attacks.

In addition to that, it exploits widely deployed and outdated services, such as PHPMyAdmin and WordPress.

A D4RK TSN threat actor is believed to be behind this group, and multiple active social media pages such as Facebook, Twitter, and Telegram were identified.

The group posted its past and upcoming attacks on their telegram channel which has been active since 2022.

A prime example of a group driven by religious motives is a recent campaign targeting multiple organizations in Sweden, triggered by the incident involving the burning of the Quran.

The percentage of attacks launched by the group is as follows: 88% were DDos,9% were defacement and 2.9% attacks were launched against databases.

In some cases, the group exfiltrated data from the organization and posted it on their Telegram channel.

They have the capability to launch attacks against a large number of targets quickly and assume that it has scripts for the mass exploitation of websites using the same frameworks or server software versions.

Keep yourself informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.

Latest articles

How Nation-State Actors and Organised Hackers Involving in Their Ways of Cyber Attacks

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred.Both groups...

Washington State Filed Lawsuit Against T-Mobile Massive Data Breach

Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for...

Stalwart – All-in-One Open-Source Secure Mail Server with JMAP, IMAP4, POP3, and SMTP

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and...

PriveShield – Advanced Privacy Protection with Browser Profile Isolation

A browser extension named PRIVESHIELD automatically creates isolated profiles to group websites based on...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

How Nation-State Actors and Organised Hackers Involving in Their Ways of Cyber Attacks

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred.Both groups...

Washington State Filed Lawsuit Against T-Mobile Massive Data Breach

Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for...

Stalwart – All-in-One Open-Source Secure Mail Server with JMAP, IMAP4, POP3, and SMTP

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and...