Cyber Attack on India Increases Threefold Targeting Around 200 Govt. & Private Domains

A cyber-attack instigates against India by a Malaysia-based group of hackers reinforce Tuesday with around 200 Indian government and private domains, including companies linked to the banking sector, impending under attack. The attack was set up with the encouragement of "DragonForce" which had to plead to all its Muslim cyber allies to target the Indian government and business websites in the aftermath of the controversy surrounding disparaging remarks on Prophet Mohammed by India’s ruling Bharatiya Janata Party leaders.

On Tuesday, more than 200 websites, which include the Thane city police Commissionerate and private universities, were hacked. According to the message received on the Commissionerate’s website, it was pointed at the "Indian government" and demanded an apology to "Muslims all over the world." The eventuality occurred during a period of severe protests in the country over a controversial remark made about Prophet Muhammad.

AI-powered digital risk protection firm CloudSEK, who tapped a tweet from DragonForce, has observed that the attack on Indian entities by the hackers has spread. This group has also launched campaigns named #OPIndia and #OpsPatuk for the cause. Another group, which was also behind related campaigns such as OPIsrael, has already targeted around 200 Indian websites, including many Indian government domains.

The hackers affirmed to have the VPN (virtual private network) access of two major Indian companies named Logixal and Cybernetyx. Logixal is a specialized Oracle Gold Partner, which provides banking services such as payment gateway and two-factor authentication. Cybernetyx, is a vision-based technology company that serves Indian educational institutions and poses a huge client base of educational institutions in India, according to CloudSEK researchers.

The researchers also observed a malicious actor sharing a Pastebin link that contains a list of sufferers compromised by the hackers’ group ". /Localhost". Evidently, this link contained 160 Indian entities and the compromised domains consist of several schools and colleges, a few social organizations, many health care facilities, some real estate companies, and more. Additionally, the cyber-criminals have exposed the phone numbers and WhatsApp chat links of many Indian policemen in the comment section of a post by DragonForce on Instagram, according to CloudSEK.

According to the researchers, the tool used by the hackers allows them to vandalize any target website at their will. The tool is named Script Deface (SC Deface) and permits a user to download it and make changes to the HTML code.