The cyberattack against India, spearheaded by Malaysia based 'hacktivist' group DragonForce, continues into its sixth day, with more hacker groups joining the cause and evidence pointing to at least 30 Indian banks being hacked surfacing on the dark web. Further, DragonForce has also added the Indian Department of Defence website to its list of targets.
The call was given out by DragonForce, a pro-Palestine hacktivist – hacker activist – group, on June 10 this year, asking Muslim hackers around the world to avenge the recent derogatory comments by suspended BJP spokesperson Nupur Sharma. Soon after, scores of Indian websites, both government and private, were found to be hacked and defaced, with 70 of them being websites of Maharashtra based entities.
Over the last couple of days, cybersecurity investigators, during repeated sweeps of the dark web, have found the DargonForce has claimed to have hacked accounts of customers with 30 different banks in India.
“A massive data packet of hacked banking credentials was posted by DragonForce on one of their forums on the dark web recently. The list includes banks based in various States in the country. We are conducting investigations to ascertain the authenticity of this data,” a source said.
Meanwhile, at least four other hacker groups have also pledged their alliance to DragonForce and claimed to have started working on the mission, which has been designated as OpsPatuk, 'patuk' being the Malay word for 'strike back'. These groups have been identified as Localhost, M4NGTX, 1887 and Rsky0, a senior cyber security officer said.
“We have also learned that DragonForce has posted the links to the Indian DOD website as well as the BJP official website on its forum, along with Internet Protocol (IP) addresses of both the websites, inviting one and all to hack them. Apart from the groups that have already allied with DragonForce, we suspect that there are other hackers operating independently on the same mission,” the officer said.
The list of targets drawn up for OpsPatuk reportedly includes government agencies, financial institutions, educational institutions and service providers. Hackers have already started posting on the dark web saying that many of these have already been breached, but there is no confirmation in this regard as yet.
