The website of the Bangladesh Telecommunications Regulatory Commission (BTRC) was hacked again on Saturday evening by an anonymous individual who wrote on the homepage of the website “Hacked by MR FIKOU 39.”
Earlier on May 22, Google blocked links to the regulator’s website after a routine scan for inclusion in search results found malware being hosted on the website.
Malware, short for malicious software, is computer programme usually coded by hackers to disrupt a computer’s smooth operation and gather sensitive information or gain access to the system.
Last month’s hacking resulted the appearance of a warning page if any user attempted to visit the BTRC website via the link issued by Google’s search result but yesterday, a picture of a mime maestro emerged when the link was visited after 6pm.
After the hacking, the site’s homepage also had the lines “Don’t worry your security is strong; don’t hate me hate the game!”
It also read, “I’m Muslim. I don’t forgive. I don’t forget. There’s only One God is Allah!” apart from the hackers pseudonym name.
BTRC sources said though they are responsible to look after the government’s telecommunications regulatory website, there are still many problems and loopholes which needed to be fixed.
“That is why a cyber-crime authority ‘Bangladesh Computer Security Incident Response Time (BD-CSIRT) was initially initiated under BTRC,” a BTRC official said, requesting anonymity.
According to the Google’s warning messages, out of the 73 pages tested on BTRC’s website over the past 90 days, 44 pages resulted in malware being downloaded and installed in the computer without the user’s consent. Google authorities last scanned the website on May 17 and the last time they found a suspicious content was on May 14.
Google offers a free monitoring service for the owners of websites, and it usually sends emails to the registered email addresses warning the owner of specified problems before it blocks the website entirely from its search engine.
Attempts to visit the website directly without using Google’s search engine, using a standard set-up Firefox web browser, also flagged the same warning messages.
When contacted, two weeks ago, Md Giashuddin Ahmed, convener of the BD-CSIRT and also the vice chairman of BTRC, told the Dhaka Tribune: “I have no knowledge regarding the claims Google is making.”
BD-CSIRT has recently scanned many government websites and found many problems with glitches and malware threats. According to BTRC sources, the foreign ministry’s website is the most vulnerable. Other affected ministry web sites are the cabinet, ICT, home and education.
On the issue of BD-CSIRT’s role, sources said, BTRC through its security platform has filed at least 350 requests to Facebook’s authority of different infringements but only 250 cases were resolved in the last 14 months, though the platform received a total of 786 objections from affected people.