Bangladeshi grey hat hackers has breached the domain registrar of Malawi, a landlocked country in southeast Africa that leads to defacement of several high profile websites.
Hackers placed the defacement page in the "nic.mw/r00t.htm". They also managed to upload their defacement page in registrar.mw, biz.mw, co.mw, com.mw, www.coop.mw,www.dot.mw, www.edu.mw/, www.gov.mw, www.int.mw, www.net.mw.
At the time of writing, the hacked websites still displays the defacement page. You can also check the mirror of the defacement here: http://zone-h.net/archive/notifier=BD%20GREY%20HAT%20HACKERS
Of course, this is not the first time the site is under the radar of the hackers. Earlier this year, Bangladeshi hackers hijacked the NIC.mw and left the Google Malawi , Kaspersky, MSN, Yahoo defaced.
We are not sure whether the nic fails to patch the previous vulnerability that leads to the security breach or BGHH found a new vulnerability. It is always better to take care of your web-app security once you find yourself victim of hackers.
Hackers placed the defacement page in the "nic.mw/r00t.htm". They also managed to upload their defacement page in registrar.mw, biz.mw, co.mw, com.mw, www.coop.mw,www.dot.mw, www.edu.mw/, www.gov.mw, www.int.mw, www.net.mw.
At the time of writing, the hacked websites still displays the defacement page. You can also check the mirror of the defacement here: http://zone-h.net/archive/notifier=BD%20GREY%20HAT%20HACKERS
Of course, this is not the first time the site is under the radar of the hackers. Earlier this year, Bangladeshi hackers hijacked the NIC.mw and left the Google Malawi , Kaspersky, MSN, Yahoo defaced.
We are not sure whether the nic fails to patch the previous vulnerability that leads to the security breach or BGHH found a new vulnerability. It is always better to take care of your web-app security once you find yourself victim of hackers.
The Bangladesh Grey Hat Hacker group has breached websites from different countries including Israel,Peru,Argentina,Bhutan.
Speaking to EHN, the hacker said the security breach is part of the protest against Israel and support to recent attacks of Anonymous Operation Israel.
The hacked Peru Govt. sites are Luricocha District Municipality (muniluricocha.gob.pe), Lucanas District Municipality(munilucanas.gob.pe), Chirinos District Municipality(munichirinos.gob.pe), Municipal Portal Canas Province(municanas.gob.pe),hospital Ventanilla(hospitalventanilla.gob.pe).
Bhutan InfoComm and Media Authority(bicma.gov.bt) and MHPA Telephone Directory(mhpa.gov.bt) are also defaced by the BGHH group.
*Update*:
The hackers also defaced Bhutan Drug Regulatory Authority(dra.gov.bt), Bhutan National Museum(www.nationalmuseum.gov.bt) .
The rest of the affected websites can be found in this link: pastebin.com/q4Aw1T5u
The Bangladeshi hacker group known as "Bangladesh Grey Hat hackers(BGHH) has claimed to have restored two Bangaldeshi Government websites after it got hacked by Pakistani hackers.
BGHH hacked the websites belong to Panchagarh Govt. Girls' High School(pgghs.edu.bd) and Chittagong Range Police(ctgrangepolice.gov.bd). The hacker defaced those websites and left a security tips to administrators to secure their websites.
"This Web site has been hacked by Pakistani hackers. 's Server has root access to the server and access them. Saitai on any web server that allows the hacker to the server by hand and some government websites, including that of the total 341 websites are hosted. All together, the hacker also deleted the web saitakei diphesa or Truly it. In addition to these important seyararda server hosting the website is not secure and is done emerikaya server location." The hacker said int he defacement page(translated).
The hacker claimed that they are using plain-text passwords and recommended them to use encrypted passwords, also suggested to use SSL.
"We request all the site Admin's to secure their site.. We are always there to secure Bangladeshi Cyber Space..." Hacker said in the email sent to EHN.
At the time of writing, the administrator of School websites has taken the site offline but the Police websites still shows the defacement page(ctgrangepolice.gov.bd/psc/)
The Bangladesh hackers from hacker collective known as "Bangladesh Grey Hat hackers(BGHH)", claim to have hacked and defaced more than 1400 Indian website in Memory of 15-Year-Old Girl .
"Today is the first anniversary of the Death of "felani"..
Felani is poor girl from Bangladesh who is brutally kiled by Indian border guards [bsf].." hacker said in an email sent to EHN, .
"On this occasion, we strongly condemn the activity of bsf on our border.They are daily killing our people brutally."
The hacked sites includes The Institute for Development and Communication (IDC) , Tutors Educationa's official website, Software Technology Network, Indian Meridian Security Force, Architect Kerala and more sites.
The mirror of hacked sites can be found here:
http://www.zone-h.org/archive/notifier=BD%20GREY%20HAT%20HACKERS
