Prothom Alo website receives warning from “ethical hacker”

Prothom Alo’s website was hacked by apparently an ethical hacker on September 9 morning around 11 am. Although the website’s functionality has not been affected, a message was seen pinned on the landing page of the website. At the time of writing, the message is no longer visible.

The message, which was addressed to Matiur Rahman, Editor and Publisher of Prothom Alo, as well as the staff of the daily, began the message by saying: “I am not your enemy nor do I have any intention to damage any property of Prothom Alo.”

The message then went on to state, “the content management system (CMS) developed by Quintype Technologies India Ltd. that is used by your website to disseminate news online has critical security flaws.”

It then went on to explain that by using this CMS, “any person or organisation with malicious intentions can change, modify or modify any news or information previously published by Prothom Alo in the form of news.” Thus, malicious attackers can then “use the credibility of Prothom Alo to spread rumours among the common people”, states the message.

“So I am publishing this message to warn you,” said the message, indicating willingness to detail all the alleged security flaws in Prothom Alo’s website to the daily’s technical department and executive officers.

The message ended stating that if Prothom Alo wants to contact the person behind the message, they can email at prothomalosecurityconcern@duck.com.

Shawkat Hossain Masum, head of online at Prothom Alo said, “We have removed the notice from our website and our IT team is currently working on the issue. We will reveal details on this matter later on.”