Period:
2025-07-01 till 2025-09-30

Mysterious Team Bangladesh is a hacktivist collective that emerged in 2020, gaining international attention in 2022 for its cyberattacks against high-profile targets in India, Israel, and other countries. The group primarily focuses on government, financial, and transportation sectors, with a strong emphasis on India. The group's actions are primarily driven by religious and political motives. They have initiated campaigns in response to geopolitical events, such as targeting organizations in Sweden following incidents involving the burning of the Quran. Mysterious Team Bangladesh utilizes open-source utilities for their attacks, including tools like "Raven-Storm" and "Hulk" for DDoS operations. They often exploit vulnerabilities in platforms such as PHPMyAdmin and WordPress.

In December 2022, the group attacked the systems of India's Central Board of Higher Education (CBHE), leading to the exposure of personally identifiable information, including government identification numbers. The group also conducted multiple campaigns against Israeli organizations, expressing support for Palestine and condemning Israeli government actions.

The group was founded by a threat actor known as "D4RK TSN." The members of the group primarily reside in the Chittagong area of Bangladesh and either study in college or have recently graduated. A CloudSEK analysis also revealed that one of the co-founders of Mysterious Team Bangladesh has been recognised as Taskin Ahmmed. The rest of the group primarily consists of students or recent graduates between the age of 20 to 25 years that previously operated under hacker organisations, like Elite Force 71, Bangladesh Cyber Anonymous Team, and Taskin Vau. They are predominantly motivated by hacktivism and have associations with an Indonesia-based hacktivist group, "Hacktivist of Garuda". They also have a history of involvement in mass reporting of content across public platforms like Youtube, Facebook and Linkedin.

They maintain an active presence on platforms like Telegram, Facebook, and Twitter, where they announce past and upcoming attacks. Their operations often involve collaborations with other hacktivist groups. As of July 2023, Mysterious Team Bangladesh continues to be highly active, primarily targeting India and Israel. In 2024, the group expanded its operations further, intensifying attacks in Europe, Asia-Pacific, and the Middle East, with a particular focus on manufacturing, transportation, energy, education and government organizations.

More information:

• Raven Storm [GitHub]
• Demystifying Mysterious Team Bangladesh [Group-IB]
• Team Mysterious Bangladesh planning another tide of attack over Indian entities [CloudSEK]
• DDOS Attack: Bangladeshi Hacktivist Group Cyberattack [Security Boulevard]
• Resurgent Hacktivist Group Executes Over 750 DDoS Attacks Targeting India, Israel, the Netherlands, and Others [CPO Magazine]
• Hacktivist Group 'Mysterious Team Bangladesh' Goes on DDoS Rampage [Dark Reading]
• Bangladeshi hacktivists targeting India, Israel with DDoS attacks [The Record]

THIS REPORT CONTAINS ONLY PUBLICLY AVAILABLE INFORMATION, WHICH IS PROVIDED FOR GENERAL INFORMATION PURPOSES ONLY. ALL INFORMATION IS PROVIDED “AS IS” WITHOUT ANY REPRESENATION OR WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES THAT THIS REPORT IS ERROR-FREE OR ANY IMPLIED WARRANTIES REGARDING THE ACCURACY, VALIDITY, ADEQUACY, RELIABILITY, AVAILBILITY, COMPLETENESS, FITNESS FOR ANY PARTICULAR PURPOSE OR NON-INFRINGEMENT. USE OF THIS REPORT, IN WHOLE OR IN PART, IS AT USER’S SOLE RISK. RADWARE AND/OR ANYONE ON ITS BEHALF SPECIFICALLY DISCLAIMS ANY LIABILITY IN RELATION TO THIS REPORT, INCLUDING WITHOUT LIMITATION, FOR ANY DIRECT, SPECIAL, INDIREC, INCIDENTAL, CONSEQUENTIAL, OR EXAMPLARY DAMAGES, LOSSES AND EXPENSES ARISING FROM OR IN ANY WAY RELATED TO THIS REPORT, HOWEVER CAUSED, AND WHETHER BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHER THEORY OF LIABILITY, EVEN IF IT WAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, LOSSES OR EXPENSES. CHARTS USED OR REPRODUCED SHOULD BE CREDITED TO RADWARE.

© 2025 Radware Ltd. All rights reserved. The Radware products and solutions mentioned in this document are protected by trademarks, patents and pending patent applications of Radware in the U.S. and other countries. For more details please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.