This year, DragonForce Malaysia returns for the third year in a row with operations targeting Israel. OpsPetir, an official replacement for OpsBedil, is a rebranded campaign from DragonForce Malaysia.
Download a Copy Now
DragonForce Malaysia, a pro-Palestinian hacktivist group located in Malaysia, returns for a third year with rebranded operations targeting Israel.
Figure 1: DragonForce Malaysia OpsPetir
This year, DragonForce Malaysia returns for the third year in a row with operations targeting Israel. OpsPetir, an official replacement for OpsBedil, is a rebranded campaign from DragonForce Malaysia. The operation, announced on the morning of April 11th, is scheduled to begin on the evening of April 12th.
In June of 2021, DragonForce Malaysia launched OpsBedil in response to an Israeli ambassador to Singapore stating that Israel was ready to begin working towards establishing ties with Southeast Asia’s Muslim-majority nations. The following year, in April, the group launched OpsBedil Reloaded in reaction to political confrontation in Israel.
After being absent during the return of OpIsrael 2023, on April 11th, the threat group posted a press release to their forum calling for all Muslim cyber warriors, human rights activists, journalists, and Malaysians alike to join their operation targeting Israel. OpsPetir will officially begin on April 12th at 9.30 pm (MYT), 2.30pm Israel time, and is projected to last until April 20th.
The driving force behind OpsPetir is DragonForce Malaysia, a pro-Palestinian hacktivist group in Malaysia. The group has been observed working with several threat groups over the years, including the T3 dimension Team, Reliks Crew, and AnonGhost. In addition, DragonForce Malaysia has an active forum where threat actors post campaign announcements and discuss varying tactics, techniques, and procedures. The group also has a Telegram channel, but most of their content is replicated throughout the forum and other social media platforms, including Discord, this year. Before OpsPetir, DragonForce Malaysia targeted India with OpsPatuk, a reactionary operation related to a political figure's controversial statements in India about the Prophet Muhammad.
DragonForce Malaysia is not considered an advanced or persistent group. Where they lack sophistication, they make up for it with their organizational skills and ability to quickly disseminate information. After years of growth, their forum contains dozens of tutorials and guides on how to install tools and launch various attacks. The group also uses well-designed advertisements that list target information to entice followers to join the operations. It is typical for the group to announce a campaign less than 24 hours in advance.
User Pari Malam, aka Night Pari, has released a denial-of-service tool called CyberTroopers for OpsPetir. The obfuscated Python program includes functionality to download lists of free and open proxy and SOCKS services on the internet from free-proxy-list[.]net and proxyscrape[.]com. The collected proxy and SOCKS services are leveraged to spoof and randomize the origin of the attacks and increase the complexity of detection and mitigation for L7 application attacks. Cyber Troopers will be used by dozens of members of DragonForce Malaysia on April 12th to target multiple government institutions and organizations across Israel over the coming week. By exploiting the tool's TCP, UDP and HTTP flooding capabilities, the group will aim to disrupt and temporarily disable online services and websites to draw attention to their political statement.