Hacking Group Launches Cyberattack on Indian Government

In response to comments made against the Prophet Muhammad, a Malaysian hacking group has launched a wave of cyberattacks against India. The Indian government now is trying best to do data disaster recovery.

According to a notice from Radware, a hacking group called DragonForce Malaysia, with the assistance of several other threat groups, has begun indiscriminately scanning and launching denial-of-service attacks on many websites in India. In addition to DDoS, their campaign is known as “OpsPatuk”. Mainly, advanced threat actors exploit current vulnerabilities to breach networks and exfiltrate data.

DragonForce Malaysia is known for having carried out hacking operations in support of Palestinian causes. This time attention turned to India, with the attack in response to controversial comments made by a Hindu political spokesman about the Prophet Muhammad.

According to the latest information, the OpsPatuk operation is still ongoing today.

Unambiguous Evidence

In a televised debate last month, Nupur Sharma, a spokesman for the Hindu nationalist Bharatiya Janata Party (BJP), made controversial remarks about the age of the Prophet Muhammad’s third wife, Aisha. Widespread anger ensued, including statements by leaders of the Muslim world, widespread protests, and even Sharma himself being kicked out of the BJP.

Then, starting June 10, DragonForce Malaysia joined the fray. Their offensive against the Indian government first manifested itself in a tweet.

“Greetings Government of India. We are DragonForce Malaysia. This is a special operation against insulting our Prophet Muhammad – S.A.W., Government of India website was hacked by DragonForce Malaysia. We will never be silent. Come and join this action! #OpsPatuk Engaged”

The new announcement confirms that the group used DDoS attack tools to conduct multiple attacks across India, pasting their logos and messages on targeted websites.

The group also claims that they have hacked and leaked data from various government agencies, financial institutions, universities, service providers and some other Indian databases.

The researchers also observed other hacker activists — Localhost, M4NGTX, 1887, and RzkyO — joining the ranks to attack multiple websites across India in the name of upholding religion.

Who is DragonForce Malaysia

Malaysia DragonForce is a hacking group similar to Anonymous. They target government websites and enjoy grandstanding. Their social media channels and website forums are used for a range of activities “from running esports teams to launching cyberattacks,” and the site is also visited by tens of thousands of users.

In the past, DragonForce has launched attacks against organizations and government entities in the Middle East and Asia. Their favorite target is Israel, where they have launched numerous attacks against the country and its citizens. Including #OpsBedil, #OpsBedilReloaded and #OpsRWM.

According to the authors of the advisory, DragonForce is not considered an advanced or persistent threat group, nor are they currently considered very sophisticated. While they’re not sophisticated, they make up for it with their strong organizational skills and ability to quickly disseminate information to other members. Like Anonymous and Low Orbit Ion Cannon, DragonForce uses their own open-source DoS tools – Slowloris, DDoSTool, DDoS-Ripper, Hammer, etc. as weapons to wreak havoc on websites.

Some members, over the past year, have shown a tendency to develop into a highly sophisticated threat group. Among other things, this includes exploiting publicly disclosed vulnerabilities. For example, at OpsPatuk, they have been exploiting the recently discovered CVE-2022-26134 vulnerability.

The authors concluded that over the past year, DragonForce Malaysia and its colleagues have demonstrated their ability to adapt to the threat environment. As there are currently no signs of slowing down, Radware expects that DragonForce Malaysia will continue to launch new reactionary campaigns based on their social, political and religious background for the foreseeable future.

Cyberattacks are becoming a significant danger to organizations of all sizes and sectors. Storage systems may appear to have nothing to do with a company’s cybersecurity posture and policies, yet they may be the strongest defense. Some characteristics and components of virtual machine backup, such as ease of management, low cost, and storage compatibility, make it critical to protect sensitive data from ransomware attacks, assisting in the creation of impenetrable cloud storage for enterprise data centers and effectively preventing ransomware attacks. VMware Backup, Xenserver Backup, oVirt Backup, and other popular VM backup solutions are listed below.