India/Bangladesh cyberwar moves to a new level

In recent months Indian and Bangladeshi hackers have been attacking websites in a tit-for-tat war of attrition between each side. It apparently started from a physical conflict along the border, with Bangladesh claiming Indian border guards had shot innocent civilians (a claim denied – or at least the ‘innocent’ aspect – by India). For the most part this cyberwar has seen attacks against relatively minor and obscure commercial and government sites.

In mid-February a Bangladesh hacking group known as 3xp1r3 (‘expire’) defaced the official website of Teamgreyhat (TGH). Whether in retaliation or through the inevitable escalation of such cyberwars, Teamgreyhat has responded this weekend by successfully attacking the Bangladesh Stock Exchange, and claiming that it wasn’t merely a defacement but a complete break-in. In a message posted to Pastebin TGH stated that it had often been asked to join the conflict and that it “we have make our decision to stand against the cyber criminals of BD.” The message left on the stock exchange website declared “WE ARE HERE FOR OUR INDIAN BROTHERS.”

The threat, after attacking the BD Stock Exchange (the sites now seem to be operating again) increases: “Just the very beginning............ we will destroy your finance sector. And this is not a denial of service attack, we have... penetrated security and defaced the sites.”

Last night Teamgreyhat continued its threat by hacking the Islami Bank Bangladesh Ltd website, one of the largest banks in Bangladesh. At the time of writing, the bank’s site is still defaced. TGH claims to have rooted the bank’s servers, and demands that Bangladesh hackers “immediately stop the... cyber-war.” In a ‘special notice’, TGH also claims to have broken into “the Bangladesh Parliament Network & BD PM Office and gained access over more than 40 GB of sensitive data of BD govt.” It warns the Bangladesh Cyber Army (BCA) to end the cyberwar within 24 hours “else those data will be leaked and make available for all to download.”

What’s Hot on Infosecurity Magazine?