The disclosure, which appears to have been unintentional, provides a tiny glimpse into the highly secretive world of signals intelligence and how communications may be intercepted. “I wouldn't be expecting this to happen for any intelligence service, even if it's not really something that sensitive,” says Viktor Markopoulos, a security researcher for CloudDefense.AI who discovered the unsecured database. “Even if many data are test data, they still reveal the structure that they're using, or what exactly it is that they are intercepting or plan to intercept.”

After Markopoulos discovered the exposed database, he linked it back to the NTMC and login pages for a Bangladeshi national intelligence platform. Markopoulos believes the database was likely exposed due to a misconfiguration.

Within the database, there are more than 120 indexes of data, with different logs stored in each. The indexes include names such as “sat-phone,” “sms,” “birth registration,” “pids_prisoners_list_search,” “driving_licence_temp,” and “Twitter.” Some of those files contain a handful of entries each, while others contain tens of thousands.

One person contacted by WIRED confirmed that the email, mobile number, and a billing address listed belonged to them. The person says they are a subscriber of telecom firm BTCL, which is government-run and has some of their personal information, although it’s unclear whether this is the source of the data that was leaked. Markopoulos found exam results listed in the data, including some that were taken in the late 1990s, that matched those listed on the Ministry of Education’s website. Text messages sent to multiple numbers in the database were delivered, although one person replied saying they were not the person listed in the dataset. Another phone number is publicly listed as belonging to a Bangladeshi business. An encoded passport photo correlates with the alleged owner’s public information (although they could not be reached for comment).

From a review of a sample of the exposed information, it is unclear why the data has been collected, where it has all been collected from, or what it is being used for. There is no indication that it relates to any wrongdoing.

Jeremiah Fowler, a security consultant and cofounder of data breach discovery firm Security Discovery, reviewed the exposed database and confirmed its links to the NTMC. Fowler, who regularly finds exposed servers and databases online, says the data being linked to the intelligence body is “probably one of the first that I have seen like this.” “The biggest thing I saw that was really dangerous was a bunch of IMEI numbers,” he says, referring to the identifying code given to each individual cell phone. “With those, you can actually track the device or clone the device.”

The NTMC has not acknowledged or responded to WIRED’s questions about the leaked information, including those about its purpose and the amount that has been gathered. The press office of the government of Bangladesh and the Bangladesh High Commission in London also did not respond to requests for comment.

Markopoulos reported the exposed information to Bangladesh’s Computer Incident Response Team (CIRT) on November 8, and it acknowledged his message and thanked him for disclosing the “sensitive exposure.” In an email to WIRED, the CIRT said it had “notified the issue” to the NTMC.

The database appeared to be offline ahead of the publication of this article. However, Markopoulos says that on November 12, the database was wiped and in its place appeared a ransom note by an unknown attacker or group of attackers. Both Markopoulos and Fowler say this is common for exposed databases of this kind. The note demanded payment of 0.01 bitcoin (around $360 at current exchange rates), or the “data will be publicly disclosed and deleted.”