Prophet Row: Malaysian hacking group launches series of cyber attacks on India

An India Today report said that the hacking group has launched a campaign OpsPatuk which translates to “strike back”.

It has called on "Muslim Hackers From All Over The World, Human Rights Organizations, and Activists (sic)".

The campaign is clearly a religiously and politically motivated one, and experts have warned that the volume of such attacks on Indian entities is only going to increase.

They advised that the government and government entities should take adequate measures to foil them.

The Malaysian hacktivist group DragonForce, in a tweet, called for attacks on Indian government websites by Muslim hackers all over the world. The tweet was discovered by Bengaluru-based cyber security firm, CloudSEK on June 10.

According to CloudSEK researchers, the primary goal of the attack was to retaliate against the Indian government for the controversial comments made about Prophet Muhammad by Nupur Sharma. To enable their allies to launch attacks, the group shared Indian users' social media credentials, particularly Facebook access and leading bank username and password combinations, the India Today report stated.

The group has also shared evidence that they have hacked Indian government websites, such as indembassyisrael.gov.in, manage.gov.in, extensionmoocs.gov.in, cia.gov.in and cfa.gov.in, and other, the report said.

The organisation has published a list of websites that supporters and allies are encouraged to attack.

This cyber call-to-arms is the work of DragonForce Malaysia, a pro-Palestinian hacktivist group based in the country.

It has Instagram and Facebook profiles, as well as numerous Telegram channels.

Over 2.4 million people have viewed the posts calling for action against the Indian government, the report added.

DragonForce has previously been associated with Malaysian or Pakistani groups such as Revolution Pakistan, RileksCrew, T3DimensionMalaysia, UnitedMuslimCyberArmy, CodeNewbie, PhantomCrews, LocalhostMalaysia, HarimauMalayaCyberArmy, and GroupTempurRakyatMalaysia. This operation has a high chance of gaining more support and attention from hacktivists around the world, according to the India Today report.

The Solution

“As we have seen during the Russia-Ukraine conflict, hacktivists are persistent and resourceful. So, it’s imperative for the Indian government and private organisations to take this campaign seriously. We need to start by nullifying the low-hanging fruit that threat actors typically use as initial vectors to initiate attacks. This includes malware logs, misconfigured applications, default passwords, unpatched or outdated servers and other assets, and previously leaked databases being sold on the dark web,” the India Today report quoted Darshit Ashara as saying.