Questions Day 1

A free press can, of course, be good or bad, but,
most certainly without freedom,
the press will never be anything but bad.
Albert Camus



  • Have the leaders of the Blink Hacker Group (BHG) and Myanmar Hacker University confirmed their membership?

After exposing their role in both groups and providing clear evidence that connects them with several domain names, both Min Ko Ko and Yan Naing Mynt keep claiming that they are not performing any hacking activities, and that they just donated the domains to organizations that they respect.

Their role has been confirmed in different interviews, and in the latest statement of the Blink Hacker Group.

  • Were the last Thai defacements performed by BHG?

While the Thai Police denies that the attacks were carried out by the Blink Hacker Group, we have good reasons to believe that the Blink Hacker Group is directly connected to the events. We have monitored every document posted in pastebin, and monitored who that first published the announcement in Facebook about the defacements. In all public statements regarding the Thai attacks, we have seen one member of BHG announcing in Facebook before anyone else.

  • What has the reaction to this report been from the members?

Several BHG members that were mentioned in this report, have decided to take the forward-looking escape route. Proud of their actions, and their self-proclaimed right to silence other voices, they are “once again” making this report a part of their racist crusade.

  • Are you concerned about local media and journalists being subjected to cyber attacks for reporting on this issue?

We understand the challenge that local media has to deal with, but we are more concerned about the level of impunity that these groups seem to have.  Self-censorship is the worse form of cyber attack.

  • Since people begun investigating this case in recent weeks, have you observed any changes in back-dooring of local media sites and DDoS attacks?

After monitoring the intrusions during the elections in November 2015, we saw how these groups shifted focus entirely to cases that could help them to regain popularity.  The cyberwar against Thailand is a part of this logic. Since early December 2015, when we recorded a pen testing attack from the military network, we have not seen other clear attempts.

  • Will there be additional information in the coming days?

Yes, we plan to disclose forensic evidence from some of the attacks we have seen, and disclose the methods we used to track the attack locations.

  • Are you surprised by the reaction of those accused so far?

When the Thai police announced an investigation in early January 2016, we saw how members of  the Blink Hacker Group started to remove possible personal linkages including taking down the site However, as we have seen several times before, after a few weeks they feel comfortable again  and start to show off in social media and brag about their cyber attacks.

We are surprised though, to see how quickly they jumped to point fingers to Muslim groups and independent media for any statements included in this report reproducing the very same logic that we denounce in our research.