
Operation OpsPatuk against India will be beaten back: The Group DragonForce initiates ransomware and other cyber attacks

Cyber Secure India

India is ever ready to counter any cyber attack on its infrastructure. Unlike conventional warfare, cyber warfare is ever predominant and has no preparatory stage. Cyber preparedness and cyber deterrence are an ongoing process. ‘Security by Design’ is the mantra while establishing the IT/ICT system for any infrastructure. A comment made on a TV show by a political leader and BJP spokesperson, Nupur Sharma, has been understood to be derogatory towards the Prophet Mohammed. This has caused reactions in both domestic and international circles. The cyber domain was filled only with comments and reactions on social media and other media referring to this episode. However, in the recent past, it has been noted that groups have directed acts of revenge at the cyber space of India as a reaction to this episode.

Following the reactions that have ensued, the Indian cyber space is now witnessing cyber attacks from Malaysia- and Indonesia-based hacker groups, among others.

One among them is “OpsPatuk” (also meaning “strike back”), a cyber activist operation that started in June 2022, driven by the hacktivist group “DragonForce Malaysia”. DragonForce Malaysia, with the assistance of several other threat groups, has been involved in indiscriminate scanning, defacement and the launching of Denial-of-Service (DoS) attacks against numerous websites in India. ‘OpsBedil’ was a similar cyberattack launched by DragonForce against Israel in the year 2021.

The second group, “Hacktivist Indonesia”, is also seen to be carrying out campaigns and attacks to avenge Nupur Sharma’s comments on the Prophet Mohammed.

The first wave of OpsPatuk included the hacking and defacement of hundreds of Indian websites, both government and private, while in the second wave, team DragonForce hacked the servers of organisations and leaked the personal data of lakhs of Indians. The groups have also urged Muslim hackers from across the world to launch cyberattacks against India. Apart from websites, the group is also said to be targeting the social media credentials of Indian nationals, including police personnel. The attack is also directed towards intruding into secure systems to hack the usernames and passwords of banking consumers, including SBI banking accounts.

This organised act by many of the groups involved in the present cyberattack against India will be viewed as an act of cyber war, and India is said to be prepared to take on the attackers. India has also sought the help of Interpol: the Indian agencies have carried out technical analysis, have already identified the Internet Protocol (IP) addresses, and have reported them to the international policing agency.

There are reports of over two thousand websites that the hacker groups have attempted to deface or hack. Reports also confirm that websites of various government agencies and industries have fallen to the attackers. The groups mentioned were also involved in leaking the database of the Andhra Pradesh police as well as defacing the website of the Thane (Maharashtra) Police. The groups also leaked PAN card and Aadhaar details from websites like Pradhan Mantri Kisan Samman Nidhi (PM-Kisan), to name one of them.

DragonForce has also posted several other messages claiming to have hacked Indian Windows servers. The posts by these groups have been accompanied by screenshots and a Proof of Concept video that shows a recording of the entire hacking process. In describing its mode of execution, DragonForce claimed to have exploited existing vulnerabilities in Windows to gain Local Privilege Escalation (LPE) and Root Privileges.

There are also reports of additional steps initiated by the Government of India, ordering a ramping up of the country’s cyber defences. Last week, it was reported that the Prime Minister’s Office (PMO), the Ministry of Home Affairs (MHA) and the Ministry of Electronics and Information Technology (MeitY) conducted a review of the country’s national cybersecurity strategy as a routine activity to ensure a well-protected India, even on the cyber front.
