The nationwide hacking and defacing of Indian websites led by a Malaysia-based hacker group is just part of a massive cyberattack targeting India.
The Free press journal learned that the same hackers have already hacked into dozens of bank accounts as well as Facebook accounts and have now set their sights on the official Bharatiya Janata Party website.
Since Monday, hundreds of Indian websites, both government and private, have been hacked and homepages have been replaced with a message saying it is in retaliation for recent derogatory comments by the suspended BJP spokesperson, Nupur Sharma, on Islam. Indian cyber crime agencies have worked overtime to restore the hacked websites, which include at least one embassy website and one police station in Maharashtra.
Further investigation into the matter, however, indicates that this is just the tip of the iceberg.
Cybersecurity agencies, both government and civilian, conducted repeated scans of the dark web to monitor conversations about the cyberattack and made alarming findings. According to investigations conducted so far, the cyberattack is being carried out by a Malaysia-based pro-Palestinian hacker group called DragonForce. The group is a self-proclaimed “hacktivist” group, which means they claim to do activism through hacking. Typically, hacktivist groups target governments that oppose their ideologies.
The investigation further revealed that the first call to attack India in cyberspace came on June 10, when DragonForce called on all Muslim hackers around the world to attack Indian government websites. The operation was dubbed ‘OpsPatuk’, patuk being the Malay word for ‘response’. Hundreds of messages have been posted on dark web discussion forums, with hackers first sharing their ideas and then their exploits.
“On Sunday, a hacker claimed to have compromised one of the servers of a popular Indian website hosting service used by hundreds of Indian websites. The hacker has also published a list of websites using this server, inviting everyone to hack them. On Monday, the hacking of websites began. We are still investigating the number of hacked and defaced websites hosted by this server,” a cybercrime official said.
DragonForce, meanwhile, has also continued to add its own contributions. They first posted a list of bank accounts with a leading government bank in India on dark web forums. This was followed by a huge bundle of hacked Indian Facebook accounts, which were released in MS Excel format. This included Facebook users’ full names, email IDs and passwords. Evidence that they had hacked several Indian websites was also shared.
During a new scan of the dark web, investigators also found a single message posted by another hacker on a forum, in which he posted the link to the official BJP website and invited everyone to try to find it. To hack.
DragonForce also took to social media, posting a tweet about their threat to India. Investigators also discovered that they had posted similar messages on the TikTok video-sharing platform, with the hashtag #opspatuk. As of Monday, posts with this hashtag had over 2.4 million views.
“Our investigation suggests that DragonForce and its allies also plan to target logistics and supply chain companies, educational institutions, technology and software companies, and web hosting providers in the coming days” , a source told the FPJ.
The message posted on a dark web forum asking hackers to hack the BJP website | YPF Photo
A screenshot of backed up bank accounts shared on the dark web | YPF Photo
A screenshot of hacked Facebook accounts shared on the dark web | YPF Photo