Sri Lankan website have been hit by yet another hacker spree, this time apparently targeting central government websites. Approximately 14 hours ago, the twitter account @OpSriLanka sent out a single tweet: “Extremist ‘Bodu Bala Sena’ bodubalasena.org has been TangoDown #OpSriLanka #BBS @HackerBrigade #CrimesAgainstHumanity”
From there, the hackers apparently moved onto take down the website of the Sri Lanka High Commission and the Government Information Center (giv.gov.lk), publicly tagging both the President of Sri Lanka and Namal Rajapakse in their tweets.
By the looks of it, these weren’t the only things that were taken down. The hackers tweeted links containing credentials of a staggering 352 sites with login details leaked, with the list including the Department of Lotteries, Primeminister.gov.lk, the Sri Lanka Transport Authority, Ceylon Petroleum, the Employee’s Trust Fund website, Ports Authority, National Institute of Health and more. How hackers gained access, and indeed, what method of attack was used is unknown, but it looks to be a couple of steps beyond the DDOS attack that hit Sri Lanka on April.