Hacking groups in Burma
Coordinated hacking activities in Myanmar are poorly documented before 2010. After all, before September 2011 the military government limited the Internet access and exercised great control. Yes, the Internet was expensive, restricted and slow.
During those early times the only private ISP in Myanmar, Bagan Cybertech (2002-2006) was operating with the support of two British men (Paul Crilley and Karl Sumptor) living in Rangoon since the end of the 90s. As part of their business, they were providing the company with the technical know-how for more effective Internet filtering and censorship.
In 2010, after the “official nationalization” of Bagan Cybertech in 2006 (renamed Myanmar Teleport) and the inauguration of the military controlled Yatanarpon Cyber City and the Teleport (YTP) in December 2007, the government restructured the network, dividing it into two main networks: the state-owned MPT ISP and a newly-created Ministry of Defense ISP at Yatanarpon Teleport.
The increase of hacking activities since late 2011 seems to be correlated with two major changes in Myanmar: more and cheaper bandwidth available and the increase of IT security related activities in several Universities and Defense programs. The dramatic reduction of Internet access costs was also driven by the new two Mobile operators. SIM cards sold in the past for 1500 USD, became available from Telenor Myanmar (from September 2014) and Ooredo (from August 2014) at just 1.5 USD.
Facebook and private discussion forums were instrumental to get such communities coordinated. In Facebook, closed groups to coordinate “Operations” are constantly formed by University students from the University of Computer Studies in Yangon (UCSY), Dagon University (including their remote education), Pakokku Technical University and members connected to the Defense Services Technology Academy (DSTA) at Pyin Oo Lwin.
Blink and the Myanmar Hackers University
In those early days of coordinated hacking activities, two groups were challenging each other: Blink Hacker Group and Myanmar Hackers University.
The “Blink Hacker Group” was founded in 2009 and “Myanmar Hackers University” was rebranded to “Myanmar Hackers Unite4m” in June 2011.
Blink had a slow start during 2011, with non clear political targets but with an open “Anti Government Position”. Back then, Blink was advertising themselves as the first organization asking for an open Internet in the country.
Myanmar Hackers Unite4m (MHU) was founded by three hackers in July 2011: hacker1989, Bboy, and Loki, and
started operations with the name “Myanmar Hackers University”.
In the first early years, MHU coordinated activities in three online forums: myanmarhackersuniversity.wall.fm, mmhackforums.noonhost.com and www.mmcyberdevils.com
Since June 2014, Myanmar Security Forum (MSF) serves as a coordination space of MHU and other smaller groups. The Forum mmsecurity.net is hosted by creatigon.com, a company operated by Min Ko Ko, member of MHU and known as 133720, cyberoot, hacker625 or DownFall.
The first messages calling for cyber war
Two messages from $n1ff3rg0d (sniffergod) and Gtone (Thet Wai Phyo) the 15th of March 2012 in the mmhackforums.noonhost.com calling for a joint and coordinated effort (cyberwar) against Bangladesh led to the “#Operation Bangladesh” launched the 27th March, the Armed Forces Day.
[translated from Burmese] # Posted by MHU_G-tone I expect all the members of this site expect that this MMhackersforums site will stand as an online hacker site, representing Myanmar. I think that Myanmar lost the lawsuit of territorial disputes with Bangladesh and has given part of its territory is the issue which concerns all Myanmar national people. Anyone Burmese man who is crazy about technology is responsible to protect Theravada Buddhism. (I would like to ask the MHF to adopt this as its core principle)/. Therefore, I think MHF should take this as new revolution and prepare to attack the network of Bangladesh. I would to ask the other members to do their fair share. Now, it is a hot topic on social network of Bangladesh with many Bangladeshi netizens thanking the international court of waters and giving thousands of ‘like’ in Facebook. Don’t Burmese people who lost do anything? I would like to urge the fellows to deface if you can, and if not please share the popular websites, websites of ministries and State-run newspapers of Bangladesh. We can’t hack every website. But, there is no website that we can’t hack. But rather than hacking randomly, shouldn’t we start a revolution, focusing on websites of Bangladesh. If all agree, shall we use the own deface page of MHF or establish a separate page for this revolution? I want to make the Bangladeshis know that we are attacking them intentionally. I would like to hear the voices of fellow MHF members. # Posted by $n1ff3rg0d # 15.03.2012 I was raged when I read a story about the water territorial disputes between Myanmar and Bangladesh on a popular Bangladesh website. The headline reads ‘Bangladesh wins Myanmar battle’. Then, I thought about what I could do regarding that article. Even if I could do nothing to the writer, I can do something to the website. I hope fellow members would understand.
By then MHU operations turned “political” in nature and hackers were aiming to concrete targets in Bangladesh. After a first round of attacks to Bangladeshi websites a truce was agreed in the middle of April 2014 but did not last for long.
The escalation of tensions during the events of late May 2012, when the Myanmar’s navy discovered two Thai trafficking boats, one carrying migrants, to force the return of the boat to Bangladesh was used by the “Blink Hacker Group” to launch “#Operation Islam” with the slogan of “For the holy religious land, we should be stained with blood if necessary”. The operation was also joined by MHU.
A week after the launch of the first attacks, Blink published a statement the 16th June 2012 titled “We have enough reasons to announce a Cyber War”.
The statement provided the reasons behind the decision to launch a cyberwar operation against the Rohingya by members of the Closed Facebook Group #Operation Rohingya.
The position of “Blink Hacker Group” was not to limit the attacks against Bangladeshi sites but also included any online media that that was not openly against the Rohingya. Blink initally called for attacks on BBC, VOA, RFA and DVB, to later include Mizzima and Irrawaddy.
A retaliation of similar groups in Bangladesh as the Bangladesh Cyber Army (BCA), Bangladesh Black Hat Hackers (BBHH) and 3xp1r3 Cyber Army (3CA) and their #Op Myanmar Cyber War was a great motivation factor for new members to join the hacking groups.
By July 2012, the largest coordinated hacking groups were driven by a political agenda in perfect synchronization with the Myanmar Government positions.
The attacks against the website of Myanmar President Office were perceived as an act of cyberwar.
What originally was a “Bangladesh vs Myanmar Cyber War” about disputed territorial boundaries escalated to “Muslims vs Myanmar Cyber War”. New formed groups as the Black Hat Area (BHA) and Cyber Vampire Team allied with BHG and MHU to form the Myanmar Cyber Army to fight with Muslim Cyber Army.
In May 2015, the enlarged collation of hacker groups adopted the name of “Union of Underground Myanmar Hackers (UGMH)”. UGHM is composed by Myanmar Hacker Warriors (MHW), Blink Hacker Group (BHG), Black Hat Area (BHA), Myanmar Hacker Unite4m (MHU), Myanmar Noob Hackers (MNH), Gray Hat Teenagers (GHT) and Myanmar Noob Hackers. (MNH).
To our surprise, Thet Wai Phyo (Gtone) was again the one coordinating this effort and responsible to create the Facebook group “#Op Bangladesh” in May 2015.