Pakistani Hackers Target 1.5 Million Indian Websites Following Operation Sindoor; 7 Groups Named, Attack Methods Revealed

Hero Image
publisher-logo
NP English
Tue, 13 May 2025 19:40:10 IST
whatsapp
In a staggering wave of cyber aggression, over 1.5 million attacks were launched against Indian websites following " Operation Sindoor " — a military strike conducted by Indian forces in response to the Pahalgam terror incident. The offensive came from across the border and beyond, but India’s cyber defence systems successfully repelled 99.99% of them.


Pakistan-Linked Hacker Groups Behind the Onslaught

According to a comprehensive report titled "Road of Sindoor" compiled by Maharashtra Cyber , seven Advanced Persistent Threat (APT) groups with links to Pakistan were behind these large-scale cyber attacks. The report, shared with law enforcement and intelligence agencies, identifies the following groups:

  • APT 36 (Pakistan-based)
  • Pakistan Cyber Force
  • Team Insane PK
  • Mysterious Bangladesh
  • Indo Hacks Sec
  • Cyber Group HOAX 1337
  • National Cyber Crew (Pakistan-allied)

Origin of Attacks: A Cross-Border Network

While the primary source of these attacks was traced to Pakistan, Maharashtra Cyber confirmed that the digital assault also had roots in Bangladesh, the Middle East, Indonesia, and Morocco.


"The probe discovered that cyber attacks on (government websites in) India decreased after India-Pakistan ceased hostilities, but not fully stopped. These attacks continue from Pakistan, Bangladesh, Indonesia, Morocco, and Middle Eastern countries," said Yashasvi Yadav, Additional Director General of Police, Maharashtra Cyber.

Attack Tactics: DDoS, Malware, and Fake Narratives

The cyberattacks weren’t limited to website defacements. Techniques ranged from malware injections and Distributed Denial-of-Service (DDoS) attacks to GPS spoofing. While only 150 attacks managed to breach defences, critical infrastructure — including airports, telecom systems, and government portals — was largely protected.


Hackers also engaged in psychological warfare through misinformation campaigns. They falsely claimed to have:

  • Hacked into India’s banking systems
  • Caused statewide power outages
  • Jammed satellites
  • Disrupted Northern Command
  • Attacked a BrahMos missile facility

Maharashtra Cyber took swift action, removing over 5,000 fake posts and videos circulating such disinformation on social media.

What Was Actually Breached?

Despite the high failure rate of these attacks, some breaches did occur. The Kulgaon Badlapur Municipal Council website was defaced. Hackers also alleged data theft from Chhatrapati Shivaji Maharaj International Airport, telecom operators, and the Defence Nursing College in Jalandhar, with some data reportedly surfacing on the darknet. However, officials denied any compromise of aviation or Election Commission systems.

India’s Cyber Resilience Stands Tall

This wave of cyber aggression highlights a growing dimension of hybrid warfare, where state-sponsored hacking groups attempt to destabilise nations without firing a bullet. However, with a 0.01% success rate, the recent onslaught reveals more about the strength of India’s cyber defences than the capability of its adversaries.


As officials continue to bolster security measures, the message is clear — digital aggression won’t go unanswered.