View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
June 13, 2022updated 05 Apr 2023 9:17am

India hit by wave of hacktivist cyberattacks from DragonForce Malaysia

India has been hit by a wave of cyberattacks as protests against the ruling BJP party spill over into cyberspace.

By Claudia Glover

A wave of cyberattacks has knocked out more than 70 public and private sector websites in India. Hacktivist group DragonForce Malaysia has claimed responsibility for the campaign, saying it is in retaliation to a negative statement about the Prophet Muhammad made by a member of India’s ruling political party the Bharatiya Janata Party (BJP). The exploits of DragonForce Malaysia are the latest example of the resurgence of hacktivism, hacking with a social or political purpose, which has been observed in recent months.

Mumbai protests prior to cyberattacks in India
Protestors have taken to the streets of Mumbai in recent weeks after Nupur Sharma’s remarks about the Prophet Muhammad. (Photo by Bhushan Koyande/Hindustan Times via Getty Images)

Sharma’s allegedly Islamophobic comments, made in a televised debate at the end of May, have led to protests in India and caused diplomatic tensions with predominantly Muslim countries such as the United Arab Emirates and Malaysia.

These tensions have apparently now spilled over into cyberspace, with DragonForce Malaysia carrying out sweeping ‘injection’ attacks, defacing government websites and knocking other sites offline in the last 48 hours. Affected sites include the Indian Embassy in Israel and the National Institute of Agriculture, as well as educational facilities such as Delhi Public School.

Injection attacks are where hackers inject a bug into a website’s system to enable them to make changes, explains Srinivas Kodali, a cyber researcher at the coalition Free Software Movement of India.

So far there has been no data exfiltrated, explains Bharat Mistry, technical director of the UK and Ireland at Trend Micro. But, he says, the ease at which so many organisations were attacked is noteworthy. “This should be a wake-up call for India to say, ‘we need to bolster our security and take it a bit more seriously’,” he says. “If the first phase of this was just defacement, where could it go if there was a more intense attack that was more distributed and more intent on disruption?”

DragonForce Malaysia behind India cyberattacks

DragonForce Malaysia came to prominence last year in Israel when it led a series of cyberattacks against Israeli targets throughout June and July.

The group has compared itself to high-profile hacktivist group Anonymous and claims to hack “based on ethics and principles that bring good”. DragonForce Malaysia is active on social media, and has been vocal in its support for the protests in India.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

It is known for working with other cybercrime gangs, including T3 Dimension Team, Syntax Brute Code Malaysia and the PANOC Team. Prior to this week its most recent campaign, OpsBedilReloaded, took place in April and targeted several organisations in Israel, amid the escalating tensions among Palestinians and Israelis. This spree triggered a warning by security company Radware.

The gang is following in the footsteps of other hacktivists, many of whom have been thrust back into the spotlight as a result of their activities supporting Ukraine during its war with Russia.

A report from Radware released last week notes a 125% increase in the number of distributed denial of service (DDoS) attacks in observed in the first quarter of 2022. “These attacks were largely driven by a threat landscape turbocharged by geopolitical instability, hacktivists, nation-state threat actors, and a focus on exploiting newly discovered vulnerabilities,” the report notes.

But the organisations targeted by DragonForce Malaysia, many of which are small in nature, do not match the gang’s altruistic message, argues Kodali. “The websites they have targeted include several farmer collectives,” he says. “I think within the global world of hacktivism the idea is to go after the powerful, but they’re going after the powerless.”

Tech Monitor is hosting a roundtable in association with Intel vPro on how to integrate security into operations. For more information, visit

Read more: India’s semiconductor ambitions are grand. Fulfilling them will take a lot of work

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.