Exclusive: BCCI official website hacked by Bangladesh Grey Hat Hackers



A hacker named as "Ashik Iqbal Chy", from Bangladeshi Grey Hat hackers group hacked into the official website of Board Of Control For Cricket In India(BCCI.tv).

The hacker managed to publish and edit few articles with title "HackeD By AshiK IqbaL Chy" in the news section of the site.  Links to edited articles have also been displayed in the main page.

Hacker also changed the picture of the site with Bangladeshi cricket players with a short message saying " Don't mess up with Tigers!"

Hacker told EHN that he gained access to the admin panel of the website and managed to delete articles from the site which results in "under maintanence" mode.

Hacker told EHN that he managed to deface the home page also last night.  He provide us a screenshot of the admin panel.

Exclusive: Admin panel of BCCI

At the time of writing, the website is under "maintenance" mode.  Here is the list of mirrors of defacements:
http://www.zone-h.com/mirror/id/21650626
http://www.zone-h.com/mirror/id/21650812

Reason for the Hack:
One of the member of the hacker group told E Hacking News the hack is part of a protest against "India, England and Australia proposal on test cricket placed to the International Cricket Council"

Zambian Anti-Corruption Commission and AB Bank websites hacked by Bangladesh Grey Hat Hackers

The Bangladesh Grey Hat hackers group hacked into Zambian Anti-Corruption commission website(acc.gov.zm) and AB Bank Zambia website(abbank.co.zm).

The hacker has added their defacement page at "hxxp://www.acc.gov.zm/wp-content/themes/index.php", "hxxp://www.abbank.co.zm/wp-content/index.php".  Both websites are appeared to be using outdated wordpress version.


As a result of security breach, the home page of the affected websites show Database connection error message.


The hacker group also hacked into United Nations in Botswana website and left it defaced(http://www.bw.one.un.org/images/), the home page also shows the database connection error message.

At the time of writing, all of the hacked websites are still showing the defacement page.

Malawi Domain Registrar nic.mw website hacked by Bangladeshi Grey Hat hackers

Bangladeshi grey hat hackers has breached the domain registrar of Malawi, a landlocked country in southeast Africa that leads to defacement of several high profile websites.

Hackers placed the defacement page in the "nic.mw/r00t.htm".  They also managed to upload their defacement page in registrar.mw, biz.mw, co.mw, com.mw, www.coop.mw,www.dot.mw, www.edu.mw/, www.gov.mw, www.int.mw, www.net.mw.

At the time of writing, the hacked websites still displays the defacement page. You can also check the mirror of the defacement here:  http://zone-h.net/archive/notifier=BD%20GREY%20HAT%20HACKERS



Of course, this is not the first time the site is under the radar of the hackers.   Earlier this year,  Bangladeshi hackers hijacked the NIC.mw and left the Google Malawi , Kaspersky, MSN, Yahoo defaced.

We are not sure whether the nic fails to patch the previous vulnerability that leads to the security breach or BGHH found a new vulnerability.  It is always better to take care of your web-app security once you find yourself victim of hackers.

Israel,Peru,Argentina,Bhutan Govt websites Hacked by BGHH



The Bangladesh Grey Hat Hacker group has breached websites from different countries including Israel,Peru,Argentina,Bhutan.

Speaking to EHN, the hacker said the security breach is part of the protest against Israel and support to recent attacks of Anonymous Operation Israel.


The have took control of the 11 Israel sites, 5 Peru Government websites , few Argentina websites, Bhutan Government websites.

The hacked Peru Govt. sites are Luricocha District Municipality (muniluricocha.gob.pe), Lucanas District Municipality(munilucanas.gob.pe), Chirinos District Municipality(munichirinos.gob.pe), Municipal Portal Canas Province(municanas.gob.pe),hospital Ventanilla(hospitalventanilla.gob.pe).

Bhutan InfoComm and Media Authority(bicma.gov.bt) and MHPA Telephone Directory(mhpa.gov.bt) are also defaced by the BGHH group.

*Update*:
The hackers also defaced Bhutan Drug Regulatory Authority(dra.gov.bt), Bhutan National Museum(www.nationalmuseum.gov.bt) .

The rest of the affected websites can be found in this link: pastebin.com/q4Aw1T5u

Hacked Bangladeshi Police site restored by Bangladesh Grey Hat Hackers


The Bangladeshi hacker group known as "Bangladesh Grey Hat hackers(BGHH) has claimed to have restored two Bangaldeshi Government websites after it got hacked by Pakistani hackers.

BGHH hacked the websites belong to Panchagarh Govt. Girls' High School(pgghs.edu.bd) and Chittagong Range Police(ctgrangepolice.gov.bd). The hacker defaced those websites and left a security tips to administrators to secure their websites.

"This Web site has been hacked by Pakistani hackers. 's Server has root access to the server and access them. Saitai on any web server that allows the hacker to the server by hand and some government websites, including that of the total 341 websites are hosted. All together, the hacker also deleted the web saitakei diphesa or Truly it. In addition to these important seyararda server hosting the website is not secure and is done emerikaya server location." The hacker said int he defacement page(translated).

The hacker claimed that they are using plain-text passwords and recommended them to use encrypted passwords, also suggested to use SSL.

"We request all the site Admin's to secure their site.. We are always there to secure Bangladeshi Cyber Space..." Hacker said in the email sent to EHN.

At the time of writing, the administrator of School websites has taken the site offline but the Police websites still shows the defacement page(ctgrangepolice.gov.bd/psc/)

More than 1400 Indian sites hacked by Bangladesh Grey hat hackers


The Bangladesh hackers from hacker collective known as "Bangladesh Grey Hat hackers(BGHH)", claim to have hacked and defaced more than 1400 Indian website in Memory of 15-Year-Old Girl .

"Today is the first anniversary of the Death of "felani"..
Felani is poor girl from Bangladesh who is brutally kiled by Indian border guards [bsf].." hacker said in an email sent to EHN, .

"On this occasion, we strongly condemn the activity of bsf on our border.They are daily killing our people brutally."

The hacked sites includes The Institute for Development and Communication (IDC) , Tutors Educationa's official website, Software Technology Network, Indian Meridian Security Force, Architect Kerala and more sites.

The mirror of hacked sites can be found here:
http://www.zone-h.org/archive/notifier=BD%20GREY%20HAT%20HACKERS