A hacktivist group known as Mysterious Team Bangladesh has been linked to more than 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022, primarily targeting government, financial, and transportation sector organisations with strong focus on India, a new report has shown.
According to the cybersecurity firm Group-IB, the group emerged in 2020 but only began to garner global attention in 2022 after a series of cyber raids against high-level targets in India, Israel, and other countries.
“The threat of hacktivism is often underestimated. Hacktivists frequently target critical infrastructure facilities, telecom companies, financial institutions, and governmental organisations. Unlike ransomware threat actors, hacktivists do not engage in negotiations. Their actions are intended to disrupt critical systems, leading to potentially massive monetary and reputational losses for affected organizations,” said Group-IB’s researchers.
The group is primarily driven by religious and political motives, said the report.
Some of the other targeted countries included Australia, Senegal, the Netherlands, Sweden, and Ethiopia.
Moreover, the threat actor is said to have gained access to web servers and administrative panels, most likely through the use of known security flaws or weak passwords.
The report further mentioned that the hacktivist group most often exploits vulnerable versions of PHPMyAdmin and WordPress and relies on open-source utilities for conducting DDoS and defacement attacks.
According to the report, a Telegram user under the nickname D4RK_TSN is believed to be the founder of Mysterious Team Bangladesh.
The researchers assume that the group will expand its operations further this year and will likely intensify its attacks in Europe, Asia-Pacific, and the Middle East.
In addition, the researchers believe that the hacktivist group will continue to have a particular focus on financial companies and government entities.