These hacker groups from Pakistan and Bangladesh tried to bring down Indian websites after Operation Sindoor

Cyber researchers have reportedly identified an army of state/non-state actors like Islamic Hacker Army (Iraq), Team Azrael-Angel of Death (Palestine), Sylhet Gang SG (Bangladesh), DieNet (Bangladesh) APT36 (Pakistan), Pakistan Cyber Force, Team Insane PK, Mysterious Bangladesh, Indo Hacks Sec (Pakistan), Cyber Group HOAX 1337 (Pakistan) and National Cyber Crew (Pakistan-allied) and claiming to deface websites and breach sensitive data from several Indian government and private organisations in the past week.Security firm CloudSEK said that it has identified more than 100 claims of data theft or credential loss which were exaggerated, recycled or fake. In the past week, hacktivist groups have made grandiose claims of cyber breach. For instance, Bangladesh’s SYLHET GANG-SG and DieNet claimed to have exfiltrated 247 GB of data from India’s National Informatics Centre. However, an analysis of a 1.5 GB sample by CloudSEK showed only publicly available marketing materials. Similarly, Team Azrael-Angel Of Death claimed 1 million citizen records from the Election Commission, but was debunked as recycled data from a 2023 leak, not a fresh compromise, CloudSEK said.In a report titled "Road of Sindoor", the Maharashtra Cyber Police detailed the cyber warfare launched by Pakistan-allied hacking groups. The state's nodal cyber agency identified several Pakistani hacker groups responsible for launching over 15 lakh cyber attacks targeting critical infrastructure websites across India following the Pahalgam terror strike. Officials added that of these, only 150 attacks were successful.On the methods used by Pakistani hackers, the Maharashtra Cyber Police said that these include malware campaigns, Distributed Denial-of-Service (DDoS) attacks and GPS spoofing. The report also highlights a hybrid warfare strategy by Pakistan-allied groups that includes widespread misinformation campaigns. These groups falsely claimed to have hacked India's banking system and caused power outages. These false narratives included claims of cyber attacks on India's power grid, statewide blackouts, satellite jamming, disruption of the Northern Command, and an alleged attack on a BrahMos missile storage facility, Indian security agencies said.One real threat that cybersecurity officials warned about is from the APT36, the Pakistan-linked spy group also known as Transparent Tribe. “The group has used malware payloads, including the AllaKore and Crimson RATs, granting the attackers extensive remote control and unfettered access to infected systems,” said Sanjay Katkar, joint managing director at Quick Heal Technologies.Cybercriminals are also using AI-generated images and videos to carry out phishing social media and messaging apps. “We've seen fake official-looking letters with made-up numbers, or videos that pretend to show new attacks on India but actually use old war pictures to trick people,” CloudSEK’s Reddy said.These kinds of links/messages are said to spread through WhatsApp, Telegram and social media, preying on national sentiment to steal personal data or financial details.