Cyber Attack On India Widens, Around 200 Govt, Private Domains Targeted

A cyber attack launched against India by a Malaysia-based group of hackers intensified Tuesday with around 200 Indian government and private domains, including those linked to the banking sector, coming under attack.

The attack was launched on the clarion call of “DragonForce” which had appealed to all its Muslim cyber allies to target Indian government and business websites in the wake of the controversy surrounding derogatory remarks on Prophet Mohammed by India’s ruling Bharatiya Janata Party leaders.

ALSO READ: Hacker Group Calls On Muslim Cyber Allies To Strike Indian Websites Over Prophet Remarks Row

On Tuesday, more than 200 websites, including the Thane city police commissionerate and private universities, were hacked. According to the message on the commissionerate’s website, it was directed at the “Indian government” and demanded an apology to “Muslims all over the world.” The incident occurred during a period of intense protests in the country over a contentious remark made about Prophet Muhammad.

Artificial Intelligence-powered digital risk protection firm CloudSEK, which had on June 10 tapped a tweet from DragonForce, has noticed that the attack on Indian entities by the hackers has widened now.

ALSO READ: Maharashtra Cyber Cops Nab Five Lending App Agents For Harassing Client

The group has launched campaigns named #OPIndia and #OpsPatuk for the purpose. The group, which was also behind similar campaigns such as OPIsrael, has already targeted 200 Indian websites, including India government domains.

The hackers claimed to have the VPN (virtual private network) access of two major Indian companies including Logixal and Cybernetyx.

Logixal is a specialized Oracle Gold Partner, providing banking services such as payment gateway and two factor authentication. Cybernetyx, a vision-based technology company serving Indian educational institutions has a huge client base of educational institutions in India, according to CloudSEK researchers.

The researchers also noticed a threat actor sharing a Pastebin link containing a list of victims compromised by the hackers’ group “./Localhost”.

Importantly, this link contained 160 Indian entities and the compromised domains included several schools and colleges, social organizations, heath care facilities, real estate companies, and more.

Furthermore, the hackers have exposed the phone numbers and whatsapp chatlinks of several Indian policemen in the comment section of a post by DragonForce on Instagram, according to CloudSEK.

The researches have so far identified that the tool used by hackers allows them to deface any target website at their will. The tool is called Script Deface (SC Deface) and allows a user to download it and make changes in the HTML code.

Follow The420.in on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube