India faced a significant wave of cyberattacks during its Independence Day celebrations this year, with the Malaysian threat actor group ‘RipperSec’ emerging as a key player, carrying out 16 Distributed Denial-of-Service (DDoS) attacks and defacing two high-profile websites.
According to FalconFeeds.io, the most intense activity occurred on August 15 and 16. The timing of these attacks suggests a strategic alignment with India’s national holiday, possibly to maximise impact and visibility.
RipperSec has also recently formed alliances with notorious groups, including Anonymous Bangladesh and RADNET64. These alliances could signal an escalation in the scale and sophistication of future regional cyber operations.
The industries most affected by RipperSec’s activities over the past week include media, arts and entertainment, financial services, and the government sector. Among the notable victims were Taaza TV and The Hindu Group, with the latter targeted twice — once on August 14 and again on August 16.
Major corporate entities such as the Tata Group and Aditya Birla Group also fell prey to these cyber onslaughts, along with key financial institutions like Indian Overseas Bank, Union Bank of India, and Bank of India.
Even government entities were not spared. The website of the Kerala Chief Minister, the National Informatics Centre, Digital India, MyGov, and the West Bengal branch of the Bharatiya Janata Party (BJP) were all targeted in this coordinated campaign.
RipperSec has been known to use MegaMedusa, a publicly available DDoS attack tool. While the core RipperSec members have access to an upgraded, better MegaMedusa tool, the lower-ranking members use a lower-quality tool.
India has been a target of cyberattacks from multiple entities, primarily due to extensive internet penetration along with low cybersecurity awareness among the masses. Recently, a ransomware attack on C-Edge Technologies affected more than 300 small Indian banks.
In July 2024, another cyber incident took place where Russian hackers targeted Indian political observers.
Moreover, the Chinese Smishing Triad targeted Indian users via an elaborate India Post scam. A few days before this, reports showed that Indian citizens were receiving scam messages from someone impersonating the Regional Transport Office (RTO).
In June, security researchers found that Pakistani threat actors targeted Indian government agencies via Discord emojis.
In May, in a massive leak, over 1.6 million Indian police and military records were exposed due to a flaw at a third-party company.