3C-INT | [Cyber]Crime Characterization for Intelligence

Threat Actor Characterization

Back

You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)

TEAM BD CYBER NINJA

ID: 7d5f3563d7e07144ed31dd017b11454c

Hacktivist Group Hacktivism

Threat types: Hacktivism, Black-Hat, Defacement, Data Leak, Propaganda

Bangladesh BGD, BRA, IND

Updated: 2026-04-12

Created: 2026-01-27

Progress: 95% Completeness: 100% Freshness: 100%

Operation zone: Bangladesh, Brazil, India

Aliases Limited alias preview

Bangladesh Black-Hat Cyber Team	TBCN	TB******************************	Te*****************
Te****************	—	—	—

Showing 2 of 5 aliases in free preview.

Associated Threat Relationships

Limited preview

Related profiles 55
Related files 0

Related profiles

ID	Threat	Origin	Type	Categories
9207924c0719443a052befb5bf77a7e635520	0xalfa	Unknown	member-of	Cybercrime
40a0b00e00185e69315c4db430a9196324046	0xRyoZenith	Unknown	member-of	Cybercrime
33ca9fa406261c3f44402a533dcaf2b464757	5H3-410N	Unknown	member-of	Cybercrime
27f34ee0acbbd9e47c30e242b628707f55932	AnonPioneers	Unknown	related	Hacktivist Group
6ff3e5088cc1a134f08eb01a6fb9b78c	Apollo's Exe	Unknown	member-of	Cybercrime
12c908e975f13477dcc30e4136743983	Arena Erin	Unknown	member-of	Cybercrime
be8371602a4d5fb4050e980e1414ab9863949	ASH-P1W7N3Ed	Unknown	member-of	Cybercrime
5d591571e532da891c02de7ea2fc629906806	Black Hat Zombie	Unknown	ally-of	Hacktivist Group
2c1f30e911028c3c5146161f6ace53d915693	Captain 3xpl01t3r	Unknown	member-of	Cybercrime
085d58888245db498baabccf36a5dcc602829	CAPTAIN ERROR	Unknown	member-of	Cybercrime
d78051fcbefac67046a4ebbb03a593cc94229	Captain Nemo	Unknown	member-of	Cybercrime
25ab1b72ff709db96e3299b131cad95305113	Captain R00t3NinjA	Unknown	member-of	Cybercrime
6c7c0c244e9485beeef0179beb7300ea50038	Captain R3d_Al3rt	Bangladesh	member-of	Cybercrime
8e41c1e16f042e7cdcd4961793d77a1f80349	Captain Unknown	Unknown	member-of	Cybercrime
ec7b869517fee322f25aafc78fcdee3829098	Captain Zerox Uchiha	Unknown	member-of	Hacktivist Group
7e8214916782021125d0afd9d9d9ee6641770	Chaos	Turkey	member-of	Hacktivist Group
c4d83e090db35255381b23912d807f0634113	cOmReD	Unknown	member-of	Cybercrime
9af45878abea2333223c172721512a8d52997	Cr4x_Lupin	Bangladesh	member-of	Cybercrime
8ed47fd09e50a468ca4cc841fba9d34c69490	Cr8zy3ight	Unknown	member-of	Cybercrime
f52c21e28be1cb613b5f5ea926a12aec12625	Cyber Team Indonesia	Indonesia	related	Hacktivist Group
48a29054b1dfe05949a9ac03f710c25c34444	D0LPH1N	Unknown	member-of	Cybercrime
c1a5a393661c29d1b27cc902450703e458207	D4t4 R34p3r	Unknown	member-of	Cybercrime
82bfc49dded8b7fe34d0cd80851ac4fb	Daiki Sia	Unknown	member-of	Cybercrime
bbe6bacb55178aa3e4249824757e5fe941335	Dark-C0deks	Unknown	member-of	Cybercrime
c6571187c89636d82cab39ff16ac5bfa97159	DXPOLIT	Unknown	related	Hacktivist Group
612848961c0e48ad05e03c2ef51c96ed36507	EyeLocker	Bangladesh	co-actor	Crimeware
2e9c737b15a33c9ce42a0951df72536436433	F40G B4B4	Unknown	member-of	Cybercrime
d64b34a457eee82f0f9165a094344c4f	HunterX	Unknown	member-of	Cybercrime
74148e0c0142e9f37a33da87a0a9912789590	HydraCorps	Unknown	related	Hacktivist Group
e86d6b6f6e07179e105620631e65ae7f04486	Jhon Walter	Unknown	member-of	Cybercrime
0ca8ebd629f2d4685430d49fc2ddbe04	Madmax	Unknown	member-of	Cybercrime
90b86a64af183160d620c06da3260ee307604	Moroccan Dragons	Morocco	related	Hacktivist Group
63ab1cce58b7fb4189a95760b6b7302b	Mr Wolf	Unknown	member-of	Cybercrime
b6fca70fd2c65d4ef0b60036ea4a7d6d88554	MrrCaT4	Unknown	member-of	Cybercrime
f907d74d1f62db9cb92d5777f0e5a76d44465	n1h4r_404	Bangladesh	member-of	Cybercrime
c1433a30bb0f92e0d2d7d5647697edbf43102	Nexar Phantom	Unknown	member-of	Cybercrime
e38b2073ca80f7985e299316b416d5e906838	nihao0x	Bangladesh	member-of	Cybercrime
2ae7589e6f0feba62cc229a125d34e2b	NOTHING	Unknown	member-of	Cybercrime
c7507943741eefed16fd0f306fe41ff527186	nullbrainbd	Bangladesh	member-of	Cybercrime
ce243c9e0c31b5cad7b8ebedbd1ea62a	PH4N675M CL7UN	Unknown	member-of	Cybercrime
af6f50863c80c36b4e140e81872103cb10270	Phantom HSB43	Unknown	member-of	Cybercrime
3167e8b3c338af2caf8110e076b67f69	Phantom Psycho	Unknown	member-of	Cybercrime
cfabc4ec6473f915e292f2a6a217e52782336	Phantom0MA4R	Bangladesh	member-of	Cybercrime
6414480505a9607a699363d9310b6ca358769	Red Wolf Cyber Team	Iran	related	Hacktivist Group
2caef0cad4336adf418056d17ea9343c73975	RootXWC	Unknown	member-of	Cybercrime
2285cfec83e35ac30c2bec83af3e36da	Sayem Mahmud	Unknown	member-of	Cybercrime
4ed2c5f362d282b1979cf4c45bbfca1a63859	Shorif_0x3c	Unknown	member-of	Hacktivist Group
00a1249e6201e070813922a26dd98c0756484	TeamSpiderX	Unknown	related	Hacktivist Group
779136d0d4434768749481ab1358b45d65098	TERRORISTKN	Unknown	member-of	Cybercrime
9afe60eda926ca989b82f91fe6ef246170474	UltRwn	Unknown	member-of	Cybercrime
97e8d97ae0e3a95fc66fef50d217ffaf	Unknown_id_69	Unknown	member-of	Cybercrime
2144991344fc124491540858df37bc2a61694	V1rus_Alfa	Unknown	member-of	Cybercrime
f4a8ae0f6f559defbc986873cd6148a177517	Xanon_neffex	Bangladesh	member-of	Hacktivist Group
2445ff9ce5f8f4bce2255a896d8f023e96412	Z£πO M@$K	Unknown	member-of	Cybercrime
8d2f03bb889a07e34e40f25994dbbf3d	Zorvithon Leo	Bangladesh	member-of	Cybercrime

Related files

No related files found.

Actor Network Graph

Open Network Graph

Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.

MITRE ATT&CK®

confidence: medium

Actor Techniques page ATT&CK® Diagram

Bangladesh-linked hacktivist collective associated in OSINT with website defacement campaigns and public claims, primarily targeting Bangladesh and India; occasional extortion/ransomware claims exist but are inconsistently corroborated.

Technique	Technique name	Tactics	Evidence
T1595	Active Scanning	TA0043	2024-12-03 — INFERENCE (confidence: medium): Opportunistic defacement groups typically identify weak web targets via broad discovery/scanning prior to exploitation. · ref
T1190	Exploit Public-Facing Application	TA0001	2025-11-25 — OSINT describes TBCN conducting cyber defacement against education and government institutions, consistent with exploitation of public-facing web applications/CMS. · ref
T1110	Brute Force	TA0006	2024-12-03 — INFERENCE (confidence: low): Some defacement activity in similar ecosystems leverages weak credentials/brute force against admin panels; not directly evidenced for TBCN in cited sources. · ref
T1491.002	External Defacement	TA0040	2025-11-25 — Cyble notes TBCN focuses on cyber defacement campaigns, mapping to External Defacement. · ref
T1567.002	Exfiltration to Cloud Storage	TA0010	2024-12-03 — INFERENCE (confidence: low): Leak-claim behavior often involves posting stolen data to online services; specific exfil destinations are not detailed for TBCN in cited sources. · ref
T1486	Data Encrypted for Impact	TA0040	2025-10-31 — Cyble reports TBCN 'Black Hat' division claimed a ransomware capability; claims remain unverified (treat as aspirational). · ref 2026-02-18 — A defaced victim page claims files were locked/encrypted and demands payment; this is case-specific and may not represent a stable actor capability. · ref

Strategic Intelligence

Limited preview

Last updated: 2026-02-18T19:54:41+00:00

Preliminary Strategic Intelligence

TEAM BD CYBER NINJA

— Bangladesh-linked hacktivist / defacement collective (OSINT-visible)

Full strategic intelligence is available in Analyst and Premium plans.

Executive Analyst Brief for CISO

Saved Limited preview

Executive Analyst Brief for Decision Makers — TEAM BD CYBER NINJA

Classification: Unclassified / OSINT — TLP:WHITE

Upgrade to access the full executive brief.

Tip: Hover the section title to learn what’s included in Analyst / Premium plans.

Saved successfully.

Hunting Playbook

Saved Limited preview

Hunting Playbook — TEAM BD CYBER NINJA

Priority: High for organizations with public-facing web portals (education, government, local services) in South Asia; Medium elsewhere. This playbook focuses on detecting opportunistic web compromise leading to external defacement and related coercion signals attributed to TEAM BD CYBER NINJA-style activity.

Upgrade to access the full hunting playbook.

Tip: Hover the section title to learn what’s included in Analyst / Premium plans.

Saved successfully.

IOC Appendix

Saved Limited preview

Last updated: 2026-02-18T19:57:08+00:00

IOC Appendix — TEAM BD CYBER NINJA

Classification: Unclassified / OSINT — TLP:WHITE

More IOC context for Research. Full appendix for Analyst and Premium plans.

Saved successfully.

OSINT Library

Saved Limited preview

Last saved: 2026-02-18T19:57:20+00:00

OSINT Library — TEAM BD CYBER NINJA

2025-11-25 — Cyble — “Threat actor profiles: Team BD Cyber Ninja (Bangladesh-based defacement targeting BD/India)”

Full OSINT references available for Research / Analyst.

Saved successfully.

Social Medial & Communication

SOCMINT integrated: 0/15

Address	Verification	SOCMINT
`twitter.com/x.c******************`	Restricted	Not integrated

Address	Verification	SOCMINT
`www.facebook.com/gro***********`	Restricted	Not integrated
`facebook.com/fac*********************`	Restricted	Not integrated
`facebook.com/fac************************`	Restricted	Not integrated

Address	Verification	SOCMINT
`t.me/tea*****************`	Restricted	Not integrated
`t.me/+Fx**************`	Restricted	Not integrated
`t.me/+VU**************`	Restricted	Not integrated
`t.me/t.m***********************`	Restricted	Not integrated
`t.me/t.m**********************`	Restricted	Not integrated

Address	Verification	SOCMINT
`dis******************`	Restricted	Not integrated
`www.youtube.com/@te**********************`	Restricted	Not integrated

Address	Verification	SOCMINT
`te*****************@protonmail.com`	Restricted	Not integrated
`te**********************@protonmail.com`	Restricted	Not integrated

Address	Verification	SOCMINT
`fundicionhunter.com`	Restricted	Not integrated

Address	Verification	SOCMINT
`github.com/git***************`	Restricted	Not integrated

Notes: preview mode hides sensitive social/contact details.

Reference Images/Associated Evidence Limited

Free Preview

Logo

Free Preview

Propaganda

Free Preview

Hacked website