7/29/2019 Cyber War- The Whole Story
1/23
7/29/2019 Cyber War- The Whole Story
2/23
Cyber War: The Whole Story
About The Security-Ray:
The Security Rayis a non-profit organization which aims at portraying
the latest hacking and security news. All news related to hacking and
security from around the world can be found in The Security Ray. The
Security Ray was initially started by two security experts from
Bangladesh during December, 2011. Since then, TSR has been trying
to bring the latest news to the people. We try to publish the truth and
aware the people about internet security.
The TSR Team:
Isti Ak Ahmed(Admin)
Maruf Alam (Admin)
Zihan Rgt (Senior Editor and a very important person for TSR)
Raiyan Ahmed (Editor)
Circuit Burner Anan (Graphics Designer)
Proshed Barmon (Pyash) (Senior Search Engine Optimizer)
Arm Maksudul Haque (Head of Planning)
http://www.security-ray.com/http://www.security-ray.com/http://www.security-ray.com/7/29/2019 Cyber War- The Whole Story
3/23
Content:
1. Why this war?
2. How it all started.
3. India's attack.
4. The First retaliation from Bangladeshi hackers.
5. Messages from Bangladesh Cyber Army and Bangladesh Black Hat
Hackers for Indian Government.
6. The Beginning of the DDoS attacks.
7. Shutting down of Indian Stock Exchange sites.
8. Indian Media's failed attempt to spread rumors.
9. War stopped by 3xp1r3 Cyber Army and Bangladesh Black Hat
Hackers.
10. Another massive attack by Bangladesh Cyber Army.
11. The return of Bangladesh Black Hat Hackers.
12. Bangladesh Cyber Army sends messages to webmasters about
increasing website security.
13. Black Hat Hackers goes down, reason found to be internal feuds.
14. The results of the war: Heroes and Martyrs.
15. A little interview with Shadman Tanjim, the founder of Bangladesh
Cyber Army
7/29/2019 Cyber War- The Whole Story
4/23
Chapter 1: Why this war?
The war was actually much needed for the interest of Bangladesh.There were a number of reasons for the war to start. Firstly, the torture
and brutality of the Border Security Forces (BSF) of India rose to the
extreme level. A huge number of innocent Bangladeshi citizens fell
victim to their brutality. Many innocent lives were lost.
Besides, some decisions of the Indian Government greatly damaged the
interest of Bangladesh. Not only these, the Indian hackers were also
engaged in attacking Bangladeshi sites reasonlessly. The reasons of the
war can be clearly understood by taking a glance at the demands put
forward by Bangladesh Cyber Army-
"1. Stop hacking Bangladeshi websites and stop all types of access to
Bangladeshi Cyber Space completely...
2. Stop killing innocent Bangladeshi citizens at BD-India borders...
3. Stop Tipaimukh Dam...
4. Sign the "Teesta Water Sharing Treaty"...
5.Either stop broadcasting of Indian Media in Bangladesh or let
Bangladeshi Media enter India...
6. Stop all Anti-Bangladesh activities of BSF and punish all offenders for
their deeds against Bangladesh...
7. Last but not the least, India has to stop all activities which go against
Bangladesh in any possible way... "
7/29/2019 Cyber War- The Whole Story
5/23
For all these reasons, the war had to start, be it now or then. Many
Indians said that the people who were killed in the border zones were
either smugglers or illegal immigrants. But as we see it, there is no
evidence or any way to prove the validity of their accusation. And even
if the accusations were correct, there are no laws of directly killing
people brutally for such activities infact. And besides, this was only one
of the reasons for the war to begin.
7/29/2019 Cyber War- The Whole Story
6/23
Chapter 2: How it all started
At first, Bangladesh Black Hat Hackers and 3xp1r3 Cyber Army startedattacking Indian sites. At one stage, Indian hackers started attacking
back.
Ashell From Indishell Said, "Indians are attacking BD sites because of
hackers from bbhh and expire. BCA is not involved in this and always
there to protect the country".
After saying this, around 200 Bangladeshi Government websitessuffered hacking attacks. Then, Bangladesh Cyber Army joined the war
to protect their cyber space. The war actually started after Bangladesh
Cyber Army started the attacks. Huge attacks one after another came
over the Indian Cyber Space and this is how, the two countries came to
see a cyber war.
As India was in a state of war with Pakistan as well, Pakistani hackers
also supported Bangladesh at first. Indonesian hacker Chliz Aceh also
supported Bangladesh. Many other hackers did. But at the end, it was
only the Bangladeshi hackers.
7/29/2019 Cyber War- The Whole Story
7/23
Chapter 3: The First retaliation from Bangladeshi hackers.
The First shot came when Bangladesh Cyber Army attacked for the firsttime. The result was the defacement of over 500 Indian websites and
the shutting down 30+ high-profile Indian websites, all done in one
night. The Indian hackers surely did not expect things to get this
serious. They packed up and stopped attacking any further. But the
Bangladeshi hackers brought up the border issue. This was a reflection
of the rage of the Bangladeshi people. They rose from the ashes and
started protesting for the safeguard of their rights.
In this first attack, Bangladesh Black Hat Hackers and 3xp1r3 Cyber
Army also played great roles. On the very same issue, they started
protesting.
Shadoow008, a Pakistani hacker hacked around 2000 Indian sites to
show his support for Bangladesh.
7/29/2019 Cyber War- The Whole Story
8/23
Chapter 4: Messages from Bangladesh Cyber Army and Bangladesh
Black Hat Hackers for Indian Government.
After the first payback attack, Bangladeshi hackers started sending
messages to Indishell and the Indian Government through YouTube. At
first, Bangladesh Black Hat Hackers sent the message. They mentioned
the reasons of the hacks in the video.
Afterwards, Bangladesh Cyber Army sent their message. Their message
portrayed the current situation of the two countries and how
Bangladesh was under a great pressure because of different decisions
of the Indian Government. They also mentioned the killing of innocent
Bangladeshi's at the India-Bangladesh border zones. They also
mentioned their 7 demands which you already read in "Chapter 1".
Afterwards, many other video messages were released on different
occurrences.
7/29/2019 Cyber War- The Whole Story
9/23
Chapter 5: The Beginning of the DDoS attacks.
While Indian hackers were just defacing Bangladeshi Governmentwebsites, Bangladeshi hackers had the idea of shutting down the whole
server. Distributed Denial-of-Service attacks were started by the
Bangladeshi hackers.
The first target was the website of Border Security Forces of India. Who
brought it down first is still a mystery; it may be either Bangladesh
Black Hat Hackers or Bangladesh Cyber Army. This website was brought
down several times during the war. The server of National Informatics
Centre, Ministry of Information Technology, Set India fell victim to the
DDoS attacks of Bangladesh Cyber Army. The website of NDTV suffered
from DNS failure being attacked by Bangladesh Cyber Army. The
website of Reserve Bank of India also went down but it was recovered
within a very short time. Afterwards, a huge number of other Indian
sites were also shut-down.
But the hackers were not contented with DDoS attacks only, they kept
on defacing the sites as well. The site of Directorate of Economics and
Statistics of India, NE TV were hacked and defaced by Bangladesh Cyber
Army.
3xp1r3 Cyber Army rooted one server containing more than 700 Indian
websites. The efforts of some members of Bangladesh Black HatHackers did not go un-noticed. While 3xp1r3 Cyber Army kept defacing
sites on a regular basis, Bangladesh Black Hat Hackers were engaged in
both DDoS and defacement.
7/29/2019 Cyber War- The Whole Story
10/23
Chapter 6: Shutting down of Indian Stock Exchange sites.
The first demand of the hackers was to stop brutality in the borderzones. But even after the start of the war and publishing the demands
in public, two Bangladeshi citizens were captured by BSF. This triggered
another massive attack. Bangladesh Cyber Army released another video
message in YouTube where they mentioned that they would the stock
market of India soon.
Many people thought it to be a fake message and doubted the abilities
of the Bangladeshi hackers. But proving them wrong, the hackers
brought down National Stock Exchange of India for a short time and
Delhi Stock Exchange was down for around 8 hours during peak time.
This might have caused damaged in the financial sector of India as one
of the characteristics of Indian stock exchanges are the online
transactions which was also closed as the websites were closed. In this
attack, not only did the main core members of Bangladesh Cyber Army
took part, but also other patriotic Bangladeshis with an intention to
raise their voice for justice took part. Being united as a single power,
they attacked all together and succeeded.
7/29/2019 Cyber War- The Whole Story
11/23
Chapter 7: Indian Media's failed attempt to spread rumors.
After suffering from severe attacks from Bangladeshi hackers, Indianhackers were at a loss, they even stopped attacking Bangladeshi sites
any further. During this time, some Indian media and news website
thought it would be their duty to stand beside the Indian hackers.
While they would have done it normally, they took a rather
complicated way which no-one would support. They started making up
rumors to stop the Bangladeshi hackers. The rumors included the
arresting of many Indian hackers which was done to demoralizeBangladeshi hackers.
Some media sites even mentioned that Bangladeshi hackers had a
different reason to start the war which was fame. They skipped the
whole matter of the BSF brutality, though these attempts of Indian
media ended in smoke. Besides, those media sites lost their respects
because of these which they actually don't deserve.
7/29/2019 Cyber War- The Whole Story
12/23
Chapter 8: War stopped by 3xp1r3 Cyber Army and Bangladesh Black
Hat Hackers.
At one point during the war, 3xp1r3 Cyber Army stopped their attacks
and announced that they would leave the war. Following them,
Bangladesh Black Hat Hackers also left the battle field. Their reasons for
leaving the war were that India had accepted their demands. But that
actually did not happen. Probably the reasons for them to leave were
organizational disorders.
Black Burn Moonlit, also known as, Angel Irine, who is the admin of
Bangladesh Black Hat Hackers and an ex-member of Bangladesh Cyber
Army even hacked Bangladeshi Government websites showing reasons
that Bangladeshi Government was supporting India. Whatever it may
be, hacking own sites is no sign of "patriotism". The whole TSR team
wonders where his patriotism went while hacking the sites of his own
country. It is to be noted that this hacker was previously kicked out of
Bangladesh Cyber Army for breaking terms and trying to trap the
members of his own group using a stealer.
Even after these two groups left, Bangladesh Cyber Army stayed in the
war, trying to bring some changes and to stand for their demands.
7/29/2019 Cyber War- The Whole Story
13/23
Chapter 9: Another massive attack by Bangladesh Cyber Army.
Bangladesh Cyber Army never stopped their attacks. This attack was abig one and they consider it to be the third phase of the cyber war.
They attacked the sites of Central Bureau of Investigation (CBI), Border
Security Force (BSF), Jute Corporation of India (JCI), Central Institute of
Plastics Engineering and Technology (CIPET), IDBI Paisabuilder and
many others.
R3x0Man of Bangladesh Cyber Army hacked 3 Indian Hacking blogs in
total. HackerIndia, Go4Hacking and Crazyhacker's websites fell victim to
his attacks and were defaced.
Another around 500 Indian sites were hacked by other hackers of the
group but as those were not the much-important ones.
7/29/2019 Cyber War- The Whole Story
14/23
Chapter 10: The return of Bangladesh Black Hat Hackers.
The general mass was not happy about Bangladesh Black Hat Hackersleaving the war. Actually, Bangladeshi people were too pissed off at the
Indian and they were hungry for attacks.
Bangladesh Black Hat Hackers came back again into the war considering
all the matters. They mentioned the reason to be Team Grey Hat's
hacking of Bangladeshi sites.
Team Grey Hat's attack was triggered by 3xp1r3 Cyber Army. 3xp1r3Cyber Army hacked and defaced the site of Team Grey Hat for an open
challenged. It is supposed that Team Grey Hat entered the war to take
revenge of that but they could not do much and left the war after some
small attacks.
7/29/2019 Cyber War- The Whole Story
15/23
Chapter 11: Bangladesh Cyber Army sends messages to webmasters
about increasing website security.
With Team Grey Hat attacking Bangladeshi websites, Bangladesh Cyber
Army thought that it would be necessary to protect their own sites as
well besides hacking the Indian sites. They started sending messages to
Bangladeshi webmasters about increasing their website security. The
steps which they mentioned in their message are-
Prevention:
System and Network security:
1. Firstly, you have to check if there is any vulnerability in the server
where the website is hosted. If there is any, it is to be fixed. As fast as
possible, you should upgrade to the latest web server. If possible, you
should upgrade to the latest version of the operating system. If on the
Linux server, the kernel is to be updated and any present security patch
is to be installed.
2. The firewall is to be checked and made more powerful. Firewall
should be used for both network and application. DDoS Protection is to
be used in the server.
3. The unused ports and services are to be closed. Service applications
are to be updated regularly. Good IDS/IPS and web proxy should be set
up.
4. The websites/web-application's vulnerability is to be checked.
Mainly, SQL Injection, Cross Site Scripting, Cross Site Request Forgery,
File Inclusion, Remote Code Execution, Web Backdoor, Remote File
7/29/2019 Cyber War- The Whole Story
16/23
upload vulnerabilities are to be checked and fixed if there is any. Those
who are new with these can take the help of vulnerability scanners.
5. If the website is not based of any framework like as, Wordpress,
Joomla, PunBB, MyBB, then it is to be updated to the latest version and
security patches are to be installed. All the plugins in the CMS are to be
checked for vulnerabilities and exploits. If exploit is present, it is to be
fixed or some other plug-in is to be used. Go to CMS's Config File and
from Cpanel, change Chmod to 640 or 600.
6. Admin and Cpanel passwords are to be changed and made stronger.
Passwords should have a minimum of 12 characters and should containnumbers, capital letters and small letters.
7. There should not be write access in any file, mainly the configuration
files to be precise. There should be no write access in drives as well.
Directory listing and brute forcing should be closed. If needed for any
purpose, these are to be closed again as soon as the work is done.
Remedy:
8. Site backup should be kept regularly. Backup file should be kept in a
secured place so that it cannot be found through directory browsing. It
is best to keep it offline or out of the Public_html directory.
9. If the site gets hacked, all site contents are to be deleted and. Then
the whole site should be started again from the backup. As the hackers
can keep malicious code in directory, you cannot be satisfied deleting
only the defacement page. Besides the admin and Cpanel passwords
are to be changed.
7/29/2019 Cyber War- The Whole Story
17/23
10. How the site got hacked must be found out, the server log can help
in this case. And the site is to be patched following that so that it
cannot be hacked any further.
7/29/2019 Cyber War- The Whole Story
18/23
Chapter 12: Black Hat Hackers goes down, reason found to be internal
feuds.
Bangladesh Black Hat Hackers, the team which claims to have started
the war started falling because of internal feuds.
They have mentioned that the account of one of their admins, BD Xtor
was hacked and their pages were hacked. But when we started
investigating this, something different came out. It seemed like some of
the members had a plan of moving out of the group and form another
group which they did. That group is now called Bangladesh Grey Hat
Hackers.
It is possible to write a whole magazine on what actually happened
there and how they presented it. Due to various internal feuds, some of
the members "betrayed" and the group fell down. Though BD Xtor
claimed that his account was hacked but using a little device, you can
find that it was not the case. The device you need is a "Brain" only.Hunger for power, how this thing can make people go totally nuts can
be understood here.
7/29/2019 Cyber War- The Whole Story
19/23
Chapter 13: The results of the war: Heroes and Martyrs.
There actually are no heroes yet. The war still did not end. BangladeshCyber Army is still fighting and according to a recent video release, they
would not stop until ALL their demands are considered.
And who says that the war did not help? It did help. 8 members of BSF
were sentenced to 3months in prison for their brutality. 2 Bangladeshi
channels are also being broadcasted in Kolkata now. Aren't all these
supposed to be a great success for the Bangladeshi hackers? All of the
hackers and the supporters too are the heroes. They did not lose hope,
they worked hard and look here, we are already getting the results.
The martyrs, this award will certainly go to the Black Hat Hackers.
Groups with internal feuds never last long. Though they exist no more
as no able members are there to run the group now, during the war
they played their parts. Be it small or large, they did something.
The war still continues and it reflects the hopes of the people. The
Bangladeshi people are standing for their rights. Probably the Indian
Government will soon consider the whole matter and bring an end to
this cyber bloodshed.
7/29/2019 Cyber War- The Whole Story
20/23
Chapter 14: A little interview with Shadman Tanjim, the founder of
Bangladesh Cyber Army
Who do you think is responsible for starting the war?
- Obviously the Indians. BSF's brutality and the fault of some of the
Indian hackers led to the war.
Wasn't there any other way than this war?
- Maybe there was. But after what India was doing, we felt it was
necessary for us to do something. This was a good way as we all are
related to the cyber world. So, isn't it obvious that we would protest
this way?
Yes, that it is. So, how much success did the hackers get according toyou?
- A lot. Because we are getting a good response. Indishell already left
the battlefield as the way Bangladeshis attacked were not expected by
them. When they realized there was nothing they could do to cope up
and were losing the whole thing, they quit. BSF has been warned by
Human Rights Commission. And some Bangladeshi channels are also
being broadcasted in India now. This can be considered as a positive
side of the war. So, from this side, the hackers are completely
successful.
7/29/2019 Cyber War- The Whole Story
21/23
Which were the major attacks by Bangladesh Cyber Army in the war?
- Massive amount of Indian sites were hacked. Even sites like Indian
Stock Market, CBI were brought down by Bangladesh Cyber Army.
Except these, some corporate sites, news sites, TV Media sites, Business
sites, Bank sites, Telecommunication sites, political sites, BSF's site and
other Government and Non-Government site faced the attacks and the
attacks are still continuing.
Is there anything you would want to say to everyone who'll be reading
this?
- I want to say that this war between India and Bangladesh has proved
that Bangladeshis can protest as well, that's what they are doing now.
And this is a warning for India, if India continues their activities against
us, we will take revenge. And I'd like to thank my fellow countrymen for
staying with us and for all their support. InshAllah, we will do our best
to stay worthy of your love and respect forever.
7/29/2019 Cyber War- The Whole Story
22/23
Thanks a lot for spending some of your valuable time reading this. Be
with us and keep up your supports. You can also send us your
feedback at-
Special Thanks toTUNERPAGEandACADEMY OF CLOUDfor their
contributions.
For more information related to hacking and security news, stay
tuned toThe Security-Ray.
Regards
The Security Ray (TSR) Team
http://[email protected]/http://[email protected]/http://www.tunerpage.com/http://www.tunerpage.com/http://www.tunerpage.com/http://www.aocloud.org/http://www.aocloud.org/http://www.aocloud.org/http://www.security-ray.com/http://www.security-ray.com/http://www.security-ray.com/http://www.security-ray.com/http://www.aocloud.org/http://www.tunerpage.com/http://[email protected]/7/29/2019 Cyber War- The Whole Story
23/23