A hacktivist group identified as Mysterious Crew Bangladesh has been linked to above 750 distributed denial-of-service (DDoS) assaults and 78 site defacements since June 2022.
“The team most routinely assaults logistics, govt, and economical sector corporations in India and Israel,” Singapore-headquartered cybersecurity firm Group-IB mentioned in a report shared with The Hacker Information. “The team is mainly pushed by spiritual and political motives.”
Some of the other qualified countries consist of Australia, Senegal, the Netherlands, Sweden, and Ethiopia.
In addition, the risk actor is claimed to have received access to web servers and administrative panels, most likely by exploiting known security flaws or inadequately-secured passwords.
Mysterious Staff Bangladesh, as the identify indicates, is suspected to be of Bangladeshi origin. “We are performing to protect Our Bangladesh Cyberspace,” the group’s Intro on Fb reads.
The group has an energetic social media presence across Telegram and Twitter. Its LinkedIn profile lists “Operation Israel” as an ongoing job considering that June 2022, claiming it supports Palestine, that the “Israeli Govt killing & torturing Palestine people’s,” and that “we will attacking their cyberspace right until they end killing Palestine People’s.”
Specifics about the menace actor first emerged in late 2022 when CloudSEK discovered its plans to attack entities in India. A December 2022 attack on India’s Central Board of Bigger Training (CBHE) units led to the publicity of individually identifiable details these kinds of as govt identification numbers. It has given that been attributed to DDoS assaults on numerous UAE govt sites.
The very first attack marketing campaign towards India took place on June 22, 2022, with the group showcasing an affinity for govt resources and the sites of financial institutions and fiscal companies.
“The renaissance of hacktivism throughout the globe may possibly have its roots in the ongoing geopolitical conflict, for the duration of which hacktivists have carried out various strategies,” the company mentioned.
“As can be noticed, contemporary hacktivist groups are much less inspired by any ideology but try to establish their possess brand name and recognition in get to subsequently monetize their facts means by way of the sale of advertising.”
The conclusions come as a pro-Russian hacktivist collective dubbed NoName057(16) has been connected to a refreshing wave of disruptive DDoS assaults on Spanish and Italian web-sites in current weeks.
“What is new about NoName057(16)’s DDoSia assaults is that the team admins perform reconnaissance in advance of staging their attack vectors,” Radware reported in a Wednesday assessment. “They examine the concentrate on web-site and identify the most source-intense elements of the web site.
“Pages with a research perform or a kind to fill in are regular candidates. NoName057(16) documents all the variables used by GET and Post requests for these web pages, which includes any cookies and likely captcha keys, and then crafts unique web requests with placeholders for random knowledge to be leveraged as attack vectors.”
Discovered this report appealing? Comply with us on Twitter and LinkedIn to go through extra special material we post.
Some parts of this article are sourced from:
thehackernews.com