cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Emerging hacking group Team NWH Security targets Bangladeshi banks and military

A relatively obscure hacking collective has gone on a distributed denial-of-service (DDoS) rampage targeting two banks and the navy and air force of Bangladesh.

user icon David Hollingworth
Wed, 16 Aug 2023
Emerging hacking group Team NWH Security targets Bangladeshi banks and military
expand image

Overnight, Team NWH Security managed to disrupt the websites of the ICB Islamic Bank and the Bangladesh Commerce Bank, as well as the Bangladesh Navy and Air Force.

As of writing, the Navy and Bangladesh Commerce Banks sites have been restored; however, the Air Force and Islamic Bank sites remain down.

There is not a great deal of hard information on the hacking group other than they seem to focus on the region surrounding India and Pakistan, as well as south-east Asia. According to the group’s various pages on Instagram, Facebook, and the site formerly known as Twitter, it aims to “achieve internet transparency and expose social and political injustices”.

NWH stands, apparently, for New World Hacktivists, suggesting that the group is non-nation-state affiliated. That said, the group’s logo does prominently feature the Indian flag and national colours. The group’s logo also refers to itself as “7H3 D16174L 5S4D0W”.

However, while information is scant – threat-hunting service Falcon Feeds only lists the four recent Bangladesh DDoS attacks – the group’s activity on its Telegram channel goes back to March 2023.

At the time, the group posted that it was paying “a small visit to Pakistan data servers” after warning others to “get out of from Indian cyber space” – a common refrain in its subsequent posts.

Since then, it has targeted banks, law enforcement, and educational organisations in Indonesia, Pakistan, and Bangladesh and published dozens of exfiltrated files and datasets. The group’s tactics seem to focus on disruption as much as data theft, often defacing websites or taking them offline with DDoS attacks.

The group also seems affiliated with a number of other threat actors in the region, including Kerala Cyber Xtractors, BlackDragonSec, and Indian Cyber Crew, to name a few.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.