A new group of hackers, which calls itself the ‘Indian Cyber Mafia’, has allegedly launched cyberattacks on Indonesian universities.

This was in retaliation to hacking by Indonesian groups on Indian entities, a post by the Indian Cyber Mafia on the dark web stated.

Cybersecurity researcher and analyst Dominic Alvieri confirmed with The Cyber Express that an outfit named the Indian Cyber Mafia Targeting Indonesia has impacted over a dozen universities.

Universities enlisted by the Indian Cyber Mafia targeting Indonesia

The names of 14 Indonesian universities were mentioned in a post that read that the act was a part of the payback for touching Indian Cyber Space.

The ongoing cyberattacks by the Indian Cyber Mafia Targeting Indonesia listed the following universities as its victims:

1. https://unisbar.ac.id
2. http://farmasi.unisbar.ac.id
3. http://accountancy.unisbar.ac.id
4. http://elearning.unisbar.ac.id
5. http://aset.unisbar.ac.id
6. http://kartikadocta.com
7. http://atk.unisbar.ac.id
8. http://management.unisbar.ac.id
9. http://midwifediploma.unisbar.ac.id
10. http://hukum.unisbar.ac.id
11. http://nursingdiploma.unisbar.ac.id
12. http://midwife.unisbar.ac.id
13. http://nursing.unisbar.ac.id
14. http://simrskhanza.unisbar.ac.id

Indian Cyber Mafia’s post about targeting Indonesia

The motive behind the so-called Indian Cyber Mafia targeting Indonesia, as stated by the group, was to get even with the Indonesian hackers that were attacking Indian private sites. The hacker group claimed to have stolen data, which they threatened to release soon.

The post was signed with the names of the group including, the Indian Cyber Pwnage, Indian Cyber Troops, Kerala Cyber Extractors, Black Dragon Security and NWH Security.

Singapore based technology security company Fusion Intelligence Center @DarkTracer tweeted about the ongoing cyberattacks between the nations with the above screenshot of the Indian Cyber Mafia.

The tweet stated that websites of several universities were defaced in the cyberattacks by the Indian Cyber Mafia targeting Indonesia.

Upon investigating, The Cyber Express found that all the listed Indonesian university websites were defaced with the following graphics showing on the website –

However, http://kartikadocta.com/ was accessible and did not seem to be impacted by the series of ransomware attacks targeting Indonesian university websites.

The Cyber Express tried contacting the university via the online contact form, however, an error message reflected each time.

#OpIndia2.0 by Indonesian hackers

Cybersecurity researchers FalconFeedsIO tweeted about a new Telegram channel getting created by hacktivist groups named VulzSec Team and Hacktivist of Garuda.

These groups claimed to be posting about the upcoming cyberattacks targeting Indian entities.

As part of OpIndia, the groups claimed to have stolen data from Indian railways that they threatened to leak online in 24 hours. The tweets were posted by the cybersecurity researchers on April 20.

The page titled Operation India had 27 subscribers and the description section read, “Cyber Attack Against India.”

Similar to the statements made by the Indian Cyber Mafia targeting Indonesia, the Indonesian hackers said that they were attacking Indian infrastructure in retaliation to the attacks by the Indian hackers.

The group Hacktivist of Garuda stated that they were informed about Indian Cyber Mafia targeting Indonesia and therefore they “will not be silent.”

They called their attacks on Indian infrastructure a counterattack posing questions on who attacked first and if it is a ploy to get the nations in a conflicting state.

According to reports, the following Indian entities have allegedly been targeted by Indonesian hackers as part of OpIndia2.0 –

1. Nashik Municipal Corporation https://nmc.gov.in/
2. Rural Works Department, Government of Bihar http://contractor.rwdbihar.gov.in/
3. Jharkhand Geospatial Portal http://gis.jharkhand.gov.in/

The website of the Nashik Municipal Corporation displayed a ‘site under maintenance’ message when checked by The Cyber Express team.

The Hacktivist of Garuda claimed to have stolen Quotation Management files, and important links among other data.

The Rural Works Department website was also inaccessible at the time of writing. However, the portal http://gis.jharkhand.gov.in/ mentioned by the group was accessible at the time of writing.