Thursday , March 13 2025

Who are the Hackers Targeting India G20 Summit 2023?

Ahead of the G-20 India Summit 2023, there has been a worrisome development as several hacker groups join forces under the #OPIndia banner, declaring their clear intention to carry out cyber attacks on India.

As India gears up to host global leaders at the upcoming G-20 summit, the alarming coordinated call for collective cyber attacks from groups driven by anti-India sentiments sounds a dire warning.

400+ IPs Exploiting Multiple SSRF Vulnerabilities

GreyNoise warns of a coordinated increase in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across various platforms. "At least...
Read More
400+ IPs Exploiting Multiple SSRF Vulnerabilities

NVIDIA has released update for NVIDIA Riva

NVIDIA has released a software update for Riva to fix security vulnerabilities that could allow privilege escalation, data tampering, denial...
Read More
NVIDIA has released update for NVIDIA Riva

CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”

On Tuesday, Apple fixed a critical zero-day vulnerability affecting nearly all supported iPhones and iPads. The company noted that it...
Read More
CVE-2025-24201  Apple fixes 0-day exploited in “extremely sophisticated attack”

Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws

Microsoft's March 2025 Patch Tuesday update fixes 57 flaws, including seven zero-day exploits, six of which are actively being exploited....
Read More
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws

Ballista Botnet infects 6000 Unpatched TP-Link Routers

Cato CRTL team said, a new botnet campaign dubbed Ballista target the unpatched TP-Link Archer routers. CVE-2023-1389 is a serious...
Read More
Ballista Botnet infects 6000 Unpatched TP-Link Routers

CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE

A critical vulnerability, CVE-2025-24813, has been found in Apache Tomcat, which could let attackers execute remote code, leak sensitive data,...
Read More
CVE-2025-24813  Flaw in Apache Tomcat Exposes Servers to RCE

CISA Adds 3 Ivanti Endpoint Manager Bugs to KEV

CISA included three vulnerabilities in Ivanti Endpoint Manager—CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161—in its Known Exploited Vulnerabilities catalog. Federal agencies must address...
Read More
CISA Adds 3 Ivanti Endpoint Manager Bugs to KEV

Ransomware Attacks Set Records in February: New Data Shows

Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked...
Read More
Ransomware Attacks Set Records in February: New Data Shows

Cyber attack at Japanese telecom leader NTT hits 18,000 companies

NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information...
Read More
Cyber attack at Japanese telecom leader NTT hits 18,000 companies

Cyber heist: Pune losses Rs 6007 crore in cyber scam

India's Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session....
Read More
Cyber heist: Pune losses Rs 6007 crore in cyber scam

ALSO READ:

Hacker group again threat attack Bangladesh 19 September: CIRT Alert

Several hacker groups have chosen Indian websites as their targets for cyber attacks. Various Indian websites have already started to feel the effects of these attacks, as they are connected to the claims of the G20 cyber attack.

The renowned hacker collective, Jambi Cyber Team, has officially announced its upcoming operation, OpIndia, scheduled to commence on the 9th and 10th of September. Their focus will be directed towards various Indian websites.

The G20 India Summit 2023, focused on digital transformation, is scheduled to take place on September 9th and 10th, 2023. However, hackers have declared a cyber war against the nation.

OpIndia: Anticipated G20 Cyber Attacks by Hacker Collectives

  Source: Telegram message about OpIndia and G20 cyber attacks (Photo: Falcon Feeds/  Twitter)

G20 member countries, including the United States, the United Kingdom, Germany, and Saudi Arabia, will meet to discuss pressing global issues pertaining to peace and technological progress.

As the G20 preparations progress, hacktivists have cleverly used cybercrime forums to galvanize hackers, encouraging them to concentrate their endeavors on the digital infrastructure of India.

Here are the Twitter IDs of the hackers who have been involved in the G20 cyber attacks thus far:–

@RedNotice_id

@ganosecteam01

@Team_Herox

@Hacktivist_indo

@Dan4Indonesia

Jambi Cyber Team Cyber Attacks

    Source: Official page of Jambi cyber team (Photo: Falcon Feeds/ Twitter)

As part of OpIndia and the G20 cyber attacks, Jambi Cyber Team has identified several Indian organizations’ websites as its prime targets. In their recent Twitter claim, they mentioned X and named numerous prominent hacker groups.

The confirmation of the cyber attacks on Indian websites is still pending, leaving the authenticity in question. The following Indian websites have been identified based on claims made by hacktivists on various social media platforms.

Hackers involved in the OpIndia and G20 cyber attacks have released samples of the data they obtained from various Indian websites. This involves sharing individuals’ registration details along with their photos on their respective social media platforms.

  • The Unified District Information System for Education (UDISE)
  • Educational Management Information System
  • Sangamner College
  • Shreehari
  • MPSC Online

Hackers released data pertaining to several school students. In the samples, student names, parents’ names, member IDs, and other profile data from their dashboard were posted.

They have also indicated their intention to leak more data in the future, all while making derogatory comments about the state of Indian cybersecurity infrastructure.

Indonesian hackers have joined the G20 cyber attack initiative and have been actively encouraging other hackers to target Indian websites.

On Telegram, the Indonesian text regarding the G20 cyber attacks was translated as ‘time not specified,’ which has sparked speculations regarding the timing of Operation India.

Prior to the start of the G20 Summit in 2023, Indian media the Cyber Express has uncovered multiple instances of Indian websites becoming the target of cyber-attacks. Most of the websites showing in Google search results belonging to India had their websites defaced.

The G20 cybersecurity measures must be strengthened in order to prevent security incidents. Everyone needs to prioritize cybersecurity, including governments, organizations, and individuals, due to the ongoing cyber warfare between nations.

(Media Disclaimer: This report relies on a combination of internal and external research gathered through diverse channels. It is important to note that the information presented here is intended solely for reference, and users are entirely accountable for their reliance on it. Infosecbulletin.com disclaims any responsibility for the accuracy or potential outcomes resulting from the use of this information.)

Check Also

Pune

Cyber heist: Pune losses Rs 6007 crore in cyber scam

India’s Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in …

Leave a Reply

Your email address will not be published. Required fields are marked *