Menu
Browse

Cyber Threat Actor: Systemadminbd

Actor Type Location Known Incidents
 Icon
Activist
Bangladesh
1 incident
Profile

Systemadminbd is an alias usedby a threat actor whose known location is Bangladesh. The actor first appeared in public reporting on 22 August 2024 when they compromised the website of an Indian news broadcaster. On that date the attacker replaced the outlet’s homepage with a defacement page that displayed a seizure notice crediting the intrusion to Systemadminbd. The defacement also incorporated a screenshot of a controversial news story concerning India’s release of water that was alleged to have contributed to flooding in Bangladesh. The notice explicitly stated that the site had been hacked to criticize the broadcaster’s coverage of the flood situation.

The target was a media organization based in India, indicating a focus on the news sector within the South Asian region. The attacker’s method consisted of website defacement, which involved altering the visible content of the site and inserting a statement that mocked the broadcaster’s reporting on the flood crisis. In addition to the altered homepage, the actor posted a warning that further disruption to the news channel’s operations could follow if their demands were not met. No specific malware families, exploit kits, or initial‑access vectors were described in the public reporting of this incident. The defacement was documented via screenshots that were included in the news article detailing the event. Attribution beyond the alias has not been established in open sources; there is no publicly available evidence linking Systemadminbd to a state sponsor, criminal consortium, or any larger hacking group. The actor operates under a single pseudonym and has not been associated with other campaigns, tools, or infrastructure in the available reporting. Consequently, the only confirmed operation attributed to Systemadminbd remains the August 2024 defacement of the Indian news broadcaster’s website. No further activity from this alias has been reported in subsequent public sources as of the knowledge cutoff. This singular incident provides the entirety of the currently known factual profile for the threat actor.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources