New Delhi: Cyber-security researchers on Thursday said they have discovered a hacktivist group from Bangladesh that is targeting the Indian government's websites and servers.
The group, called Mysterious Team Bangladesh (MT), is using DDoS (Distributed Denial of Service) attacks against domains and subdomains of several state governments and a web server hosted by the Indian government, according to the team from cyber-security firm CloudSEK.
"Websites belonging to governments of Assam, Madhya Pradesh, Uttar Pradesh, Gujarat, Punjab and Tamil Nadu were affected," the researchers added.
This came to light when a member of the group made a post claiming to have launched an HTTP flood DDoS attack on government websites. Similar posts were seen on multiple platforms including Facebook and Telegram.
The members of the group primarily reside in the Chittagong area of Bangladesh and either study in college or have recently graduated.
Hacktivism appears to be their predominant motivation and the group "majorly operates and communicates via Facebook, Telegram and Twitter", said the team.
"Through meticulous analysis and profiling of multiple groups, it can be rightly concluded that such hacktivist groups collaborate among each other excessively to conduct nefarious attacks, DDoS being the primary one, followed by defacing attacks," said Abhinav Pandey, Cyber Threat Researcher at CloudSEK.
"'Raven Storm' has been the most prevalent tool employed, for such impactful DDoS attacks, by such hacktivist groups," Pandey said.
One of the co-founders of Mysterious Team Bangladesh has been identified as Taskin Ahmmed.
The rest of the group primarily consists of students or recent graduates aged between 20 and 25 who previously operated under hacker organisations such as Elite Force 71, Bangladesh Cyber Anonymous Team, and Taskin Vau, CloudSEK's analysis revealed.
They are predominantly motivated by hacktivism and have associations with an Indonesia-based hacktivist group, "Hacktivist of Garuda".
"They also have a history of involvement in mass reporting of content across public platforms like YouTube, Facebook and LinkedIn, etc," said the team.
DDoS attacks can leave websites more vulnerable as some security features may be offline due to the attack.
Damaged infrastructure can cause the services provided by the website to collapse. Affected websites become vulnerable to further attacks, and data may be lost and credentials compromised, the researchers said.