The Malaysia-based DragonForceIO continued attacking Indian websites on June 14 in response to comments against Prophet Mohammad, with the “hacktivist group” announcing attacks on two Indian corporate VPNs and websites of Mumbai University and Thane city police.
As part of the OpsPatuk campaign, wherein DragonForceIO called on hackers across the world to target Indian government websites, hackers claimed breaking into Cybernetyx VPN and Logixal VPNs. Cybersecurity company CloudSEK confirmed to Moneycontrol that the VPNs were hacked into.
The hackers also shared login credentials with designated IP addresses associated with the two corporate VPNs. Apart from that, the hackers also shared screenshots in supports of their claims.
CloudSEK told Moneycontrol that Logixal is an Oracle banking service provider used by major banks in the country, and Cybernetyx provides services to edtech companies.
Logixal and Cybernetyx were yet to respond to Moneycontrol’s queries. The copy will be updated to reflect their response.
The government, through the Indian Computer Emergency Response Team, has issued new cybersecurity guidelines that would mandate service providers, including VPNs, to store customer details, IP addresses allotted and other information for a specific period. However, in a clarification provided later by CERT-In, it had said that the directions will not apply to corporate VPNs.
Apart from that, hackers also said they had conducted a distributed denial of service (DDOS) attack on the official website of Mumbai University.
In a DDOS attack, the attacker floods a server with internet traffic to prevent users from accessing online services and sites, the report added.
When Moneycontrol tried to access the website at 12.30 pm, the server returned an error and the website did not load. But at 1.20 pm, the website was up and running.
Earlier in the day, DragonForceIO announced it had hacked the website of Thane city police, with a message appearing on it apparently directed towards the Indian government and demanding an apology to “Muslims all over the world”.
CloudSEK describes Malaysia-based DragonForceIO as a pro-Palestinian hacktivist group with a considerable presence across major social media platforms.
They have been driving the campaign under the hashtag #OpsPatuk on social media platform such as Instagram, Twitter, Tiktok, apart from a dedicated underground forum where they make announcements regarding their activities.
To encourage other groups to launch cyber attacks, DragonForce has shared alleged social media credentials of Indian nationals. It has also shared what it claims to be the username and password combos to accounts of a nationalised bank.
Earlier in a report, CloudSEK had said the attackers were password spraying compromised accounts on social media sites, targeting hosting providers to gain unauthorised access to hosted websites, perpetrating local file inclusion attacks on web applications and also leveraging tools for DDOs attacks.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
