Hackers exploiting multiple vulnerabilities in Myanmar

Political developments and digital crackdowns of the past few months have pitted hacktivists against the Govt.

The political developments and digital crackdowns in Myanmar over the past few months have driven citizen and opposition movement toward anonymous channels to communicate.

With more than 68 million mobile users in Myanmar, IntSights researchers found that the demand for VPNs and alternative methods of communication has skyrocketed and new methods to overcome internet access issues are emerging daily, including the increasing popular use of mesh network apps that use Bluetooth – like Bridgefy and FireChat.

Many citizens are also taking to the Tor browser to access the dark web to circumvent the internet blocks and restrictions imposed by the government and find private communication channels to securely share information with one another, and mostly to seek a sense of normalcy.

The crackdowns gave rise to international hacktivist efforts to launch cyberwarfare operations including hacking and defacing the Myanmar government and police force official websites.

Hackers also exploited multiple vulnerabilities on public Myanmar websites and attacked an API endpoint that listed emails of all users with access to create a new user with admin privileges to gain entry, subsequently gathering and leaking financial records and information.

When the military junta took control of the government in February 2021, the new leadership began to impose digital restrictions and shutdowns to thwart dissidents. Myanmar’s proposed new cybersecurity bill (leaked here) focuses heavily on monitoring digital activity within its borders. Some of the more noteworthy and restrictive proposed policies are:

  • Internet service providers would collect user data and provide it to the government as required
  • Modifying or removing features of a computer program would be illegal
  • ISPs could be banned, have their systems taken over by the authorities, or be permanently shut down for any reason
  • Selling and buying cryptocurrency would be illegal and punishable by law Content that is deemed to be unsavory to the government could be banned. In the meantime, the military junta has periodically ordered power shutdowns, intercepted electronic communications without warrants, and forced internet blackouts to monitor its political adversaries




Leave a Comment

Related posts