DDoS Attacks Target Multiple Indian Government & Academic Websites
Published on October 20, 2025
- Coordinated attacks: At least two hacktivist groups have claimed responsibility for launching DDoS attacks against multiple high-profile Indian websites.
- Government and education: These include critical government bodies, as well as top educational institutions.
- Two threat actors: The threat actor groups that targeted India's digital infrastructure are Ghilan Legion and Red Wolf Cyber.
Several prominent Indian government and academic websites have been reportedly targeted in a series of Distributed Denial-of-Service (DDoS) attacks claimed by two hacktivist groups. The targeted entities include critical government portals and esteemed educational institutions, signaling a significant event for Indian government cybersecurity.
The alleged attacks, designed to overwhelm servers with traffic and render them inaccessible, highlight the persistent vulnerability of public-facing digital infrastructure to disruptive cyber activities.
Hacker Groups Claim Responsibility
Two distinct threat actor groups have publicly claimed responsibility for the incidents targeting India. The group known as Ghilan Legion declared it attacked the:
- Ministry of Law and Justice,
- Press Information Bureau,
- Indian Institute of Technology Bombay,
- Indian Institute of Science.
This claim points to a coordinated effort to disrupt both governmental and academic sectors. In March, Ghilan Legion formed an alliance with NoName, targeting India, Israel, Italy, Taiwan, Denmark, and Ukraine.
In a separate claim, the group Red Wolf Cyber stated it was behind DDoS attacks on Indian websites of Government of India's e-Visa services portal and the Ministry of Tourism.
Red Wolf Cyber Team is a hacktivist group that emerged in late 2024 and reportedly targets countries “it sees as enemies,” aligning with NoName057(16) by August, 2025. Yet, NoName057(16) was dismantled in a global crackdown on Pro-Russian hacktivists striking NATO allies.
These parallel claims from different actors suggest a possibly broader, coordinated campaign against Indian online services.
Implications for National Cybersecurity Posture
These claimed attacks underscore the ongoing threat that DDoS campaigns pose to national security and public services. By targeting visa portals, information bureaus, and key ministries, the attackers aim to cause maximum disruption and attract public attention.
The involvement of multiple hacktivist groups, including the Ghilan Legion cyberattack and the Red Wolf Cyber claims, indicates a complex and motivated threat landscape.
In August, TechNadu reported that Mirai-based botnet Gayfemboy resurfaced with enhanced evasion, exploiting known vulnerabilities in routers and platforms to launch DDoS attacks.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular