R00Tk1t Targets India’s Elections: Warns Of BJP Cyberattack


The notorious hacking group R00Tk1t has shifted its focus from Malaysian organizations toward India, marking a concerning development in the threat actor's plans. On its Telegram channel, the threat actor has warned India's ruling government of a BJP cyberattack, citing the current political party in power over “manipulation of EVM (Electronic Voting Machine) machines and election results”.

The R00Tk1t hacker group is a prominent threat actor on the dark web, specializing in deploying malicious software to gain unauthorized access to networks or systems, often leaving no trace of their intrusion. 

The timing of this alleged Bharatiya Janata Party cyberattack coincides with the upcoming 2024 elections in India, which encompass general elections, elections to the Rajya Sabha (Upper House of the Parliament), state legislative assemblies, and urban local bodies. 

This electoral process, spanning from April 19, 2024 to June 1, 2024, marks the largest-ever election in the world, with new implications for the future of Indian governance.

Alleged BJP Cyberattack Claims During the Upcoming 2024 Elections

Source: CyberKnow on X

The methods employed by R00Tk1t encompass a range of sophisticated techniques, including hooking, direct kernel object manipulation, virtualization, firmware-level rootkits, and memory-based rootkits. These techniques enable the group to infiltrate systems, steal sensitive data, and manipulate files without detection, posing a threat to the integrity of digital infrastructure.

With a history of targeting financial institutions, government databases, and multinational corporations, R00Tk1t has now set its sights on India, as evidenced by the claims of a cyberattack on the Bharatiya Janata Party (BJP), the ruling political party in India. The hacker group publicly announced its intentions, citing grievances against the BJP for alleged favoritism towards the wealthy, oppression of marginalized communities, and manipulation of democratic processes.

The timing of this cyberattack coincides with the 2024 elections in India. R00Tk1t has also accused the BJP government of favoring the wealthy and oppressing the poor and marginalized. The Cyber Express has reached out to the political party to learn more about the alleged claims of a cyberattack on the BJP and how the party will spruce up its security. However, at the time of writing, no official statement or response has been received.

Who is the R00Tk1t Hacker Group?

Prime Minister of India Narendra Modi, seeking a third consecutive term, faces unprecedented challenges amidst the claims of a BJP cyberattack and heightened geopolitical tensions. The alleged intrusion by R00Tk1t highlights the advancing threats targeting the Indian subcontinent, and may call for more significant cybersecurity measures to safeguard against future attacks.

Prior to targeting India, R00Tk1t garnered attention for its cyber campaigns against Malaysia, culminating in a series of high-profile breaches. The R00TK1T hacking group previously issued threats against Malaysia’s infrastructure, sparking concerns from cybersecurity authorities. The group warned of impending cyberattacks and declared that no system was safe. Malaysian organizations were urged to implement preventive measures as the campaign included web defacement and data theft.

Despite warnings, several companies including Aminia and YouTutor were targeted, with claims of system breaches and data theft. Maxis, a telecommunications company, was also allegedly infiltrated, prompting a standoff with R00TK1T. The hacking group further threatened to escalate attacks on various Malaysian companies until their demands were met. R00TK1T’s history includes targeting multinational corporations like L’Oreal and Qatar Airways. 



