Hackers take down four websites to 'teach BTCL a lesson'
Senior Correspondent bdnews24.com
Published: 2017-01-01 19:43:53.0 BdST Updated: 2017-01-01 22:25:48.0 BdST
Hackers have launched a brazen attack on as many as four dot bd domain websites in a virtual mockery of Bangladesh's digital security arrangements.
Search engine giant Google's dot bd version is among the sites affected.
The other sites are robi.com.bd, banglalink.com.bd and ittefaq.com.bd.
Although telecom operator Robi has managed to recover their website, the other three sites have been in blackout even after 17 hours.
The attack comes within
10 days of a similar cybercrime.
The BTCL has so far been tightlipped about the issue. Banglalink officials have said that they are working to resolve the problem.
All non-government .bd website search requests are routed through the BTCL gateway.
Owing to inadequate security arrangements, if anyone can gain access into the BTCL DNS entry, they can redirect the search request so that the user cannot access the desired site.
The search request is instead redirected to a hacker-selected website.
Using this security vulnerability, a Pakistani hacker on Dec 20 redirected search requests away from google.co.bd.
He also left the words "Security is just an illusion" posted on the redirected destination.
The incident apparently failed to have served as a wake-up call for the BTCL.
With the security loophole still unplugged, the latest hacker, who goes by the name "Akash" on his Facebook profile, mounted another attack on as many as four .bd websites .
He has redirected the four sites of Robi, Ittefaq, Banglalink and Google Bangladesh to his own Facebook page, making a mockery of digital security arrangements boasted of by the authorities.
Explaining why he went on to do such a thing, he said he had spotted the security lacunae on Sep 23 and had called up BTCL and asked them to fix it.
But that warning failed to move them.
"As a result, on Dec 20, a Pakistani hacker mounted a hack. I wonder when the callousness regarding security is at home, and someone from outside hacks into our sites and puts us to shame, whose fault is it anyway?
"The fault is of those in the BTCL who are being careless about security.
"Now the prime minister has launched dot bangla. She is taking the country towards a digital Bangladesh. But the callousness of a handful is leading to a collapse of cyber security in the country," the hacker observed on his Facebook page."
He said just as he had redirected the four sites, any number of sites could be made to do the same.
He urged the authorities to ponder over the danger that looms due to the security snag.
He asked the authorities to think over the catastrophic situation that would arise if someone fancied hacking into the various government and other important websites.
"Pakistani hacker shames us. Yet no lesson is learnt. They say when you cannot do something the straight way, you need to bend your ways. So here on the last day of the year, #31st, I am forced to do it," he wrote.
Clarifying that what he has done is not hacking nor is he a hacker, he said the developer on duty can fix the bug quickly.
He said he did this in an attempt to expose the security lapse that could threaten the digital security of Bangladesh and make it vulnerable to attacks by hackers from outside the country.
Urging the state minister for telecoms and state minister for information to take corrective action, he ended his message with "Joy Bangla."
Fiber@Home's Sabir said he doubts if BTCL has the know-how to deal with the technical nitty-gritty of the issue.
A Robi official said they have taken corrective measures after receiving inputs about the attack on Sunday morning. A Banglalink official has also said they are looking into the issue.
However, when contacted, BTCL Director (Public Relations and Publicity) Mir Mohammed Morshed declined comment.
Any unauthorised use or reproduction of bdnews24.com content for commercial purposes is strictly prohibited and constitutes copyright infringement liable to legal action.
- Samsung launches Galaxy S8 and dreams of recovery from Note 7
- Samsung Electronics says to sell refurbished Galaxy Note 7 phones
- Uber resumes self-driving programme in Tempe, Pittsburgh after crash
- Uber suspends self-driving car program after Arizona crash
- Germany blocked Russian hacking attacks in 2016
- Twitter explores subscription-based option for first time
- YouTube's bid to grab TV dollars imperiled by advertiser revolt'
- Apple drives further into Facebook, Snap territory with video app
- Twitter suspended more than 636,000 accounts since 2015 to tackle extremism
- G20 to jointly fight bank sector hacking
- Security forces launch operation on terror den in Moulvibazar
- Security forces raiding two militant hideouts in Moulvibazar
- Police move to raid 'militant hideout' in Comilla
- Section 144 clamped around two suspected Moulvibazar militant hideouts
- SWAT team heading for Moulvibazar terror dens, army if needed, says home minister
- Former Indian army veterans all praise for Bangladesh para-commandos
- Bangladesh Bank heist was 'state-sponsored': US official
- Police inspector in Bogra found hanging at home
- RAB intel chief, injured in Sylhet blasts, to be brought back from Singapore
- Pakistan not sending team to IPU Assembly in Bangladesh