Bangladeshi police brokers accused of promoting residents’ private info on Telegram

Two senior officers working for anti-terror police in Bangladesh allegedly collected and offered categorized and private info of residents to criminals on Telegram, information.killnetswitch has realized. 

The information allegedly offered included nationwide id particulars of residents, mobile phone name data and different “categorized secret info,” in accordance with a letter signed by a senior Bangladeshi intelligence official, seen by information.killnetswitch.

The letter, dated April 28, was written by Brigadier Basic Mohammad Baker, who serves as a director of Bangladesh’s Nationwide Telecommunications Monitoring Heart, or NTMC, the nation’s digital eavesdropping company. Baker confirmed the legitimacy of the letter and its contents in an interview with information.killnetswitch. 

“Departmental investigation is ongoing for each the instances,” Baker stated in a web-based chat, including that the Bangladeshi Ministry of Residence Affairs ordered the affected police organizations to take “essential motion in opposition to these officers.” 

The letter, which was initially written in Bengali and addressed to the senior secretary of the Ministry of Residence Affairs Public Safety Division, alleges the 2 police brokers accessed and handed “extraordinarily delicate info” of personal residents on Telegram in change for cash.

In response to the letter, the police brokers have been caught after investigators analyzed logs of the NTMC’s methods and the way typically the 2 accessed it.

The letter reveals the id of the officers. One of many accused is a police superintendent serving with the Anti-Terrorism Unit (ATU). The opposite is an assistant police superintendent deputy on the Speedy Motion Battalion, also referred to as RAB 6, a controversial paramilitary unit that the U.S. authorities sanctioned in 2021 over allegations that the unit is linked to a whole lot of disappearances and extrajudicial killings. information.killnetswitch is just not naming the 2 individuals who have been accused because it’s unclear if they’ve been charged underneath the nation’s authorized system.

The NTMC is a authorities intelligence company established underneath Bangladesh’s Ministry of Residence Affairs. The company’s core job is to observe all telecommunications visitors and intercept cellphone and net communications to detect and stop threats to nationwide security. 

Organizations like Human Rights Watch and Freedom Home have criticized the NTMC for missing safeguards in opposition to abuses, each in opposition to free speech in addition to privateness. Over time, NTMC procured refined expertise from corporations in Israel, which Bangladesh doesn’t formally acknowledge, in addition to different Western international locations, to conduct mass surveillance largely on opposition get together members, journalists, civil society members and activists.  

As a part of its mission, the NTMC runs the Nationwide Intelligence Platform, or NIP, an inside authorities net portal that holds categorized citizen info, like nationwide identification particulars, mobile phone registration and cell knowledge data, prison profiles and different info. 

Numerous regulation enforcement and intelligence businesses have consumer accounts on the NIP portal offered by the NTMC. 

NTMC’s personal investigation concluded that the brokers used the NIP platform extra ceaselessly than others, and accessed and picked up info that was not related to them.

“Contemplating the context, such irrelevant entry and illegal handover of extraordinarily delicate categorized knowledge ought to be investigated to establish everybody concerned on this and we additionally request for acceptable motion in opposition to all these recognized/concerned,” the letter learn.  

Baker instructed information.killnetswitch that there have been a “variety of Telegram channels,” including that one among them was known as BD CYBER GANG.

information.killnetswitch couldn’t establish the particular channel on Telegram. 

Baker instructed information.killnetswitch that it seems that the 2 brokers despatched the knowledge to the administrator of no less than one Telegram group, who then tried to promote it. 

Baker stated that the 2 brokers have been notified of the investigation. 

Due to the investigation, all NIP customers from ATU and RAB 6 have had their entry suspended “till the concerned officers are recognized, and correct motion is taken,” in accordance with the letter.

Baker confirmed the suspended entry, saying that if brokers “want any info for investigation functions they will acquire via Police and RAB HQ.”

Spokespeople for Bangladesh’s Ministry of Residence Affairs and ATU didn’t reply to a number of requests for remark. An individual figuring out solely as an “operations officer” at RAB 6 instructed information.killnetswitch that the company had no remark. 

Final 12 months, a security researcher discovered that the NTMC was leaking individuals’s private info on an unsecured server. The leaked knowledge included real-world names, cellphone numbers, e mail addresses, places and examination outcomes, in accordance with Wired. One other Bangladeshi authorities company, the Workplace of the Registrar Basic, Delivery & Demise Registration, additionally leaked residents’ delicate knowledge final 12 months, as information.killnetswitch reported on the time.

In each instances, the leaks have been discovered by Viktor Markopoulos, a researcher who works at Bitcrack Cyber Safety. 

Whereas these have been important instances of knowledge publicity, this incident allegedly involving the ATU and RAB 6 brokers is doubtlessly extra damaging, provided that the brokers allegedly offered info on-line in an try and revenue from their privileged entry to categorized private info.  

Though the incident is underneath investigation, a well-placed supply inside the authorities instructed information.killnetswitch that there are nonetheless officers who’re providing to promote residents’ knowledge.