cyber war- the whole story

7/29/2019 Cyber War- The Whole Story

1/23


2/23

Cyber War: The Whole Story

About The Security-Ray:

The Security Rayis a non-profit organization which aims at portraying

the latest hacking and security news. All news related to hacking and

security from around the world can be found in The Security Ray. The

Security Ray was initially started by two security experts from

Bangladesh during December, 2011. Since then, TSR has been trying

to bring the latest news to the people. We try to publish the truth and

aware the people about internet security.

The TSR Team:

Isti Ak Ahmed(Admin)

Maruf Alam (Admin)

Zihan Rgt (Senior Editor and a very important person for TSR)

Raiyan Ahmed (Editor)

Circuit Burner Anan (Graphics Designer)

Proshed Barmon (Pyash) (Senior Search Engine Optimizer)

Arm Maksudul Haque (Head of Planning)
http://www.security-ray.com/http://www.security-ray.com/http://www.security-ray.com/


3/23

Content:

1. Why this war?

2. How it all started.

3. India's attack.

4. The First retaliation from Bangladeshi hackers.

5. Messages from Bangladesh Cyber Army and Bangladesh Black Hat

Hackers for Indian Government.

6. The Beginning of the DDoS attacks.

7. Shutting down of Indian Stock Exchange sites.

8. Indian Media's failed attempt to spread rumors.

9. War stopped by 3xp1r3 Cyber Army and Bangladesh Black Hat

Hackers.

10. Another massive attack by Bangladesh Cyber Army.

11. The return of Bangladesh Black Hat Hackers.

12. Bangladesh Cyber Army sends messages to webmasters about

increasing website security.

13. Black Hat Hackers goes down, reason found to be internal feuds.

14. The results of the war: Heroes and Martyrs.

15. A little interview with Shadman Tanjim, the founder of Bangladesh

Cyber Army


4/23

Chapter 1: Why this war?

The war was actually much needed for the interest of Bangladesh.There were a number of reasons for the war to start. Firstly, the torture

and brutality of the Border Security Forces (BSF) of India rose to the

extreme level. A huge number of innocent Bangladeshi citizens fell

victim to their brutality. Many innocent lives were lost.

Besides, some decisions of the Indian Government greatly damaged the

interest of Bangladesh. Not only these, the Indian hackers were also

engaged in attacking Bangladeshi sites reasonlessly. The reasons of the

war can be clearly understood by taking a glance at the demands put

forward by Bangladesh Cyber Army-

"1. Stop hacking Bangladeshi websites and stop all types of access to

Bangladeshi Cyber Space completely...

2. Stop killing innocent Bangladeshi citizens at BD-India borders...

3. Stop Tipaimukh Dam...

4. Sign the "Teesta Water Sharing Treaty"...

5.Either stop broadcasting of Indian Media in Bangladesh or let

Bangladeshi Media enter India...

6. Stop all Anti-Bangladesh activities of BSF and punish all offenders for

their deeds against Bangladesh...

7. Last but not the least, India has to stop all activities which go against

Bangladesh in any possible way... "


5/23

For all these reasons, the war had to start, be it now or then. Many

Indians said that the people who were killed in the border zones were

either smugglers or illegal immigrants. But as we see it, there is no

evidence or any way to prove the validity of their accusation. And even

if the accusations were correct, there are no laws of directly killing

people brutally for such activities infact. And besides, this was only one

of the reasons for the war to begin.


6/23

Chapter 2: How it all started

At first, Bangladesh Black Hat Hackers and 3xp1r3 Cyber Army startedattacking Indian sites. At one stage, Indian hackers started attacking

back.

Ashell From Indishell Said, "Indians are attacking BD sites because of

hackers from bbhh and expire. BCA is not involved in this and always

there to protect the country".

After saying this, around 200 Bangladeshi Government websitessuffered hacking attacks. Then, Bangladesh Cyber Army joined the war

to protect their cyber space. The war actually started after Bangladesh

Cyber Army started the attacks. Huge attacks one after another came

over the Indian Cyber Space and this is how, the two countries came to

see a cyber war.

As India was in a state of war with Pakistan as well, Pakistani hackers

also supported Bangladesh at first. Indonesian hacker Chliz Aceh also

supported Bangladesh. Many other hackers did. But at the end, it was

only the Bangladeshi hackers.


7/23

Chapter 3: The First retaliation from Bangladeshi hackers.

The First shot came when Bangladesh Cyber Army attacked for the firsttime. The result was the defacement of over 500 Indian websites and

the shutting down 30+ high-profile Indian websites, all done in one

night. The Indian hackers surely did not expect things to get this

serious. They packed up and stopped attacking any further. But the

Bangladeshi hackers brought up the border issue. This was a reflection

of the rage of the Bangladeshi people. They rose from the ashes and

started protesting for the safeguard of their rights.

In this first attack, Bangladesh Black Hat Hackers and 3xp1r3 Cyber

Army also played great roles. On the very same issue, they started

protesting.

Shadoow008, a Pakistani hacker hacked around 2000 Indian sites to

show his support for Bangladesh.


8/23

Chapter 4: Messages from Bangladesh Cyber Army and Bangladesh

Black Hat Hackers for Indian Government.

After the first payback attack, Bangladeshi hackers started sending

messages to Indishell and the Indian Government through YouTube. At

first, Bangladesh Black Hat Hackers sent the message. They mentioned

the reasons of the hacks in the video.

Afterwards, Bangladesh Cyber Army sent their message. Their message

portrayed the current situation of the two countries and how

Bangladesh was under a great pressure because of different decisions

of the Indian Government. They also mentioned the killing of innocent

Bangladeshi's at the India-Bangladesh border zones. They also

mentioned their 7 demands which you already read in "Chapter 1".

Afterwards, many other video messages were released on different

occurrences.


9/23

Chapter 5: The Beginning of the DDoS attacks.

While Indian hackers were just defacing Bangladeshi Governmentwebsites, Bangladeshi hackers had the idea of shutting down the whole

server. Distributed Denial-of-Service attacks were started by the

Bangladeshi hackers.

The first target was the website of Border Security Forces of India. Who

brought it down first is still a mystery; it may be either Bangladesh

Black Hat Hackers or Bangladesh Cyber Army. This website was brought

down several times during the war. The server of National Informatics

Centre, Ministry of Information Technology, Set India fell victim to the

DDoS attacks of Bangladesh Cyber Army. The website of NDTV suffered

from DNS failure being attacked by Bangladesh Cyber Army. The

website of Reserve Bank of India also went down but it was recovered

within a very short time. Afterwards, a huge number of other Indian

sites were also shut-down.

But the hackers were not contented with DDoS attacks only, they kept

on defacing the sites as well. The site of Directorate of Economics and

Statistics of India, NE TV were hacked and defaced by Bangladesh Cyber

Army.

3xp1r3 Cyber Army rooted one server containing more than 700 Indian

websites. The efforts of some members of Bangladesh Black HatHackers did not go un-noticed. While 3xp1r3 Cyber Army kept defacing

sites on a regular basis, Bangladesh Black Hat Hackers were engaged in

both DDoS and defacement.


10/23

Chapter 6: Shutting down of Indian Stock Exchange sites.

The first demand of the hackers was to stop brutality in the borderzones. But even after the start of the war and publishing the demands

in public, two Bangladeshi citizens were captured by BSF. This triggered

another massive attack. Bangladesh Cyber Army released another video

message in YouTube where they mentioned that they would the stock

market of India soon.

Many people thought it to be a fake message and doubted the abilities

of the Bangladeshi hackers. But proving them wrong, the hackers

brought down National Stock Exchange of India for a short time and

Delhi Stock Exchange was down for around 8 hours during peak time.

This might have caused damaged in the financial sector of India as one

of the characteristics of Indian stock exchanges are the online

transactions which was also closed as the websites were closed. In this

attack, not only did the main core members of Bangladesh Cyber Army

took part, but also other patriotic Bangladeshis with an intention to

raise their voice for justice took part. Being united as a single power,

they attacked all together and succeeded.


11/23

Chapter 7: Indian Media's failed attempt to spread rumors.

After suffering from severe attacks from Bangladeshi hackers, Indianhackers were at a loss, they even stopped attacking Bangladeshi sites

any further. During this time, some Indian media and news website

thought it would be their duty to stand beside the Indian hackers.

While they would have done it normally, they took a rather

complicated way which no-one would support. They started making up

rumors to stop the Bangladeshi hackers. The rumors included the

arresting of many Indian hackers which was done to demoralizeBangladeshi hackers.

Some media sites even mentioned that Bangladeshi hackers had a

different reason to start the war which was fame. They skipped the

whole matter of the BSF brutality, though these attempts of Indian

media ended in smoke. Besides, those media sites lost their respects

because of these which they actually don't deserve.


12/23

Chapter 8: War stopped by 3xp1r3 Cyber Army and Bangladesh Black

Hat Hackers.

At one point during the war, 3xp1r3 Cyber Army stopped their attacks

and announced that they would leave the war. Following them,

Bangladesh Black Hat Hackers also left the battle field. Their reasons for

leaving the war were that India had accepted their demands. But that

actually did not happen. Probably the reasons for them to leave were

organizational disorders.

Black Burn Moonlit, also known as, Angel Irine, who is the admin of

Bangladesh Black Hat Hackers and an ex-member of Bangladesh Cyber

Army even hacked Bangladeshi Government websites showing reasons

that Bangladeshi Government was supporting India. Whatever it may

be, hacking own sites is no sign of "patriotism". The whole TSR team

wonders where his patriotism went while hacking the sites of his own

country. It is to be noted that this hacker was previously kicked out of

Bangladesh Cyber Army for breaking terms and trying to trap the

members of his own group using a stealer.

Even after these two groups left, Bangladesh Cyber Army stayed in the

war, trying to bring some changes and to stand for their demands.


13/23

Chapter 9: Another massive attack by Bangladesh Cyber Army.

Bangladesh Cyber Army never stopped their attacks. This attack was abig one and they consider it to be the third phase of the cyber war.

They attacked the sites of Central Bureau of Investigation (CBI), Border

Security Force (BSF), Jute Corporation of India (JCI), Central Institute of

Plastics Engineering and Technology (CIPET), IDBI Paisabuilder and

many others.

R3x0Man of Bangladesh Cyber Army hacked 3 Indian Hacking blogs in

total. HackerIndia, Go4Hacking and Crazyhacker's websites fell victim to

his attacks and were defaced.

Another around 500 Indian sites were hacked by other hackers of the

group but as those were not the much-important ones.


14/23

Chapter 10: The return of Bangladesh Black Hat Hackers.

The general mass was not happy about Bangladesh Black Hat Hackersleaving the war. Actually, Bangladeshi people were too pissed off at the

Indian and they were hungry for attacks.

Bangladesh Black Hat Hackers came back again into the war considering

all the matters. They mentioned the reason to be Team Grey Hat's

hacking of Bangladeshi sites.

Team Grey Hat's attack was triggered by 3xp1r3 Cyber Army. 3xp1r3Cyber Army hacked and defaced the site of Team Grey Hat for an open

challenged. It is supposed that Team Grey Hat entered the war to take

revenge of that but they could not do much and left the war after some

small attacks.


15/23

Chapter 11: Bangladesh Cyber Army sends messages to webmasters

about increasing website security.

With Team Grey Hat attacking Bangladeshi websites, Bangladesh Cyber

Army thought that it would be necessary to protect their own sites as

well besides hacking the Indian sites. They started sending messages to

Bangladeshi webmasters about increasing their website security. The

steps which they mentioned in their message are-

Prevention:

System and Network security:

1. Firstly, you have to check if there is any vulnerability in the server

where the website is hosted. If there is any, it is to be fixed. As fast as

possible, you should upgrade to the latest web server. If possible, you

should upgrade to the latest version of the operating system. If on the

Linux server, the kernel is to be updated and any present security patch

is to be installed.

2. The firewall is to be checked and made more powerful. Firewall

should be used for both network and application. DDoS Protection is to

be used in the server.

3. The unused ports and services are to be closed. Service applications

are to be updated regularly. Good IDS/IPS and web proxy should be set

up.

4. The websites/web-application's vulnerability is to be checked.

Mainly, SQL Injection, Cross Site Scripting, Cross Site Request Forgery,

File Inclusion, Remote Code Execution, Web Backdoor, Remote File


16/23

upload vulnerabilities are to be checked and fixed if there is any. Those

who are new with these can take the help of vulnerability scanners.

5. If the website is not based of any framework like as, Wordpress,

Joomla, PunBB, MyBB, then it is to be updated to the latest version and

security patches are to be installed. All the plugins in the CMS are to be

checked for vulnerabilities and exploits. If exploit is present, it is to be

fixed or some other plug-in is to be used. Go to CMS's Config File and

from Cpanel, change Chmod to 640 or 600.

6. Admin and Cpanel passwords are to be changed and made stronger.

Passwords should have a minimum of 12 characters and should containnumbers, capital letters and small letters.

7. There should not be write access in any file, mainly the configuration

files to be precise. There should be no write access in drives as well.

Directory listing and brute forcing should be closed. If needed for any

purpose, these are to be closed again as soon as the work is done.

Remedy:

8. Site backup should be kept regularly. Backup file should be kept in a

secured place so that it cannot be found through directory browsing. It

is best to keep it offline or out of the Public_html directory.

9. If the site gets hacked, all site contents are to be deleted and. Then

the whole site should be started again from the backup. As the hackers

can keep malicious code in directory, you cannot be satisfied deleting

only the defacement page. Besides the admin and Cpanel passwords

are to be changed.


17/23

10. How the site got hacked must be found out, the server log can help

in this case. And the site is to be patched following that so that it

cannot be hacked any further.


18/23

Chapter 12: Black Hat Hackers goes down, reason found to be internal

feuds.

Bangladesh Black Hat Hackers, the team which claims to have started

the war started falling because of internal feuds.

They have mentioned that the account of one of their admins, BD Xtor

was hacked and their pages were hacked. But when we started

investigating this, something different came out. It seemed like some of

the members had a plan of moving out of the group and form another

group which they did. That group is now called Bangladesh Grey Hat

Hackers.

It is possible to write a whole magazine on what actually happened

there and how they presented it. Due to various internal feuds, some of

the members "betrayed" and the group fell down. Though BD Xtor

claimed that his account was hacked but using a little device, you can

find that it was not the case. The device you need is a "Brain" only.Hunger for power, how this thing can make people go totally nuts can

be understood here.


19/23

Chapter 13: The results of the war: Heroes and Martyrs.

There actually are no heroes yet. The war still did not end. BangladeshCyber Army is still fighting and according to a recent video release, they

would not stop until ALL their demands are considered.

And who says that the war did not help? It did help. 8 members of BSF

were sentenced to 3months in prison for their brutality. 2 Bangladeshi

channels are also being broadcasted in Kolkata now. Aren't all these

supposed to be a great success for the Bangladeshi hackers? All of the

hackers and the supporters too are the heroes. They did not lose hope,

they worked hard and look here, we are already getting the results.

The martyrs, this award will certainly go to the Black Hat Hackers.

Groups with internal feuds never last long. Though they exist no more

as no able members are there to run the group now, during the war

they played their parts. Be it small or large, they did something.

The war still continues and it reflects the hopes of the people. The

Bangladeshi people are standing for their rights. Probably the Indian

Government will soon consider the whole matter and bring an end to

this cyber bloodshed.


20/23

Chapter 14: A little interview with Shadman Tanjim, the founder of

Bangladesh Cyber Army

Who do you think is responsible for starting the war?

- Obviously the Indians. BSF's brutality and the fault of some of the

Indian hackers led to the war.

Wasn't there any other way than this war?

- Maybe there was. But after what India was doing, we felt it was

necessary for us to do something. This was a good way as we all are

related to the cyber world. So, isn't it obvious that we would protest

this way?

Yes, that it is. So, how much success did the hackers get according toyou?

- A lot. Because we are getting a good response. Indishell already left

the battlefield as the way Bangladeshis attacked were not expected by

them. When they realized there was nothing they could do to cope up

and were losing the whole thing, they quit. BSF has been warned by

Human Rights Commission. And some Bangladeshi channels are also

being broadcasted in India now. This can be considered as a positive

side of the war. So, from this side, the hackers are completely

successful.


21/23

Which were the major attacks by Bangladesh Cyber Army in the war?

- Massive amount of Indian sites were hacked. Even sites like Indian

Stock Market, CBI were brought down by Bangladesh Cyber Army.

Except these, some corporate sites, news sites, TV Media sites, Business

sites, Bank sites, Telecommunication sites, political sites, BSF's site and

other Government and Non-Government site faced the attacks and the

attacks are still continuing.

Is there anything you would want to say to everyone who'll be reading

this?

- I want to say that this war between India and Bangladesh has proved

that Bangladeshis can protest as well, that's what they are doing now.

And this is a warning for India, if India continues their activities against

us, we will take revenge. And I'd like to thank my fellow countrymen for

staying with us and for all their support. InshAllah, we will do our best

to stay worthy of your love and respect forever.


22/23

Thanks a lot for spending some of your valuable time reading this. Be

with us and keep up your supports. You can also send us your

feedback at-

[email protected]

Special Thanks toTUNERPAGEandACADEMY OF CLOUDfor their

contributions.

For more information related to hacking and security news, stay

tuned toThe Security-Ray.

Regards

The Security Ray (TSR) Team
http://[email protected]/http://[email protected]/http://www.tunerpage.com/http://www.tunerpage.com/http://www.tunerpage.com/http://www.aocloud.org/http://www.aocloud.org/http://www.aocloud.org/http://www.security-ray.com/http://www.security-ray.com/http://www.security-ray.com/http://www.security-ray.com/http://www.aocloud.org/http://www.tunerpage.com/http://[email protected]/


23/23

cyber war- the whole story

Documents