Petrobangla website hacked again (updated)
So this does not inspire confidence. Md. Saidun Nabi of the Dhaka Tribune reports:
Just seven and a half hours after it had been restored, the official website of the Bangladesh Oil, Gas and Mineral Corporation (Petrobangla) was hacked again at 5pm on Monday.
Earlier, the website (www.petrobangla.org.bd) was hacked at 5pm on Sunday, before being restored at 9:30am on Monday.
In the latest hacking incident, hackers using the name “N33LOB33” wrote on the website: “It is not possible to work with such security. It has been hacked again. Contact at [email protected]. We are fixing the weakness in your security.
Read more on Dhaka Tribune.
DataBreaches.net tried to reach out to the hackers via email to the email address they had provided, but has received no response as yet.
Update: I’ve heard back from the hacker(s). In answer to my inquiry about whether they had exfiltrated any data (I’m calling the attacker “they” because I really don’t know how many or gender), “b33” answered me, “sorry I can’t steal any data. but there had so much much information.”
According to b33, Petrobangla has not contacted them at all via email.
I did ask whether if Petrobangla contacted them, if they would ask for any fee, and somewhat to my surprise, they answered:
I fix it free .. but everybody wants money, me too. If they cant send me a bounty for this bug. i have no problem ..
Finally. in response to my query as to why they attacked Petrobangla, the answer was, “they have nulled security.”
b33 also volunteered that his next target is the Bangladesh armed force medical college.
Under the circumstances, maybe some firm or entity will decide to reach out to b33 to see if they can encourage him in constructive ways.