Hacktivist Collective “Mysterious Team Bangladesh” Revealed

Threat intelligence experts from Group-IB have shed light on the hacktivist collective known as Mysterious Team Bangladesh.

In a report published today, the firm analyzed the group’s history, tactics and targets, providing vital insights into its operations.

Mysterious Team Bangladesh emerged in 2020 but gained international recognition in 2022 after conducting cyber raids against high-profile targets in India, Israel and other countries. The group primarily focuses on the government, financial and transportation sectors, with a strong emphasis on India.

According to the key findings of the Group-IB analysis, the group carried out over 750 Distributed Denial of Service (DDoS) attacks and more than 70 website defacements within a year.

“Additionally, it is believed that in some cases the group was also able to gain access to web servers and administrative panels, presumably using exploits for widely known vulnerabilities or common/default passwords for admin accounts,” reads the report.

The group was observed initiating multi-wave campaigns against specific countries and conducting “test attacks” before full-scale DDoS attacks. phpMyAdmin and WordPress vulnerabilities were frequently exploited, and the group employed open-source utilities for DDoS and defacement attacks.

The Group-IB report also revealed that the group’s founder and leader is a threat actor known as D4RK_TSN. The group maintains an active Telegram channel as its primary source for announcing past and upcoming attacks.

Mysterious Team Bangladesh is linked to several allied hacktivist groups, and its activities are often triggered by global geopolitical conflicts, as evidenced by campaigns against Myanmar and Bangladesh.

More generally, the report highlighted the need for organizations to take the threat of hacktivism seriously and adopt measures such as deploying load balancers, filtering suspicious traffic and updating web-server software to prevent exploitation.

“As of July 2023, Mysterious Team Bangladesh continues to be highly active, targeting mainly India and Israel,” Group-IB warned.

“We assume that the group will expand its operations further in 2023. They will likely intensify their attacks in Europe, Asia-Pacific, and the Middle East, and expect that they will continue to have a particular focus on financial companies and government entities.”