From 313dd82bb95787608e219c63f0490c59eecedc6c Mon Sep 17 00:00:00 2001
From: Mathieu Beligon <mathieu@feedly.com>
Date: Wed, 29 Nov 2023 11:28:37 -0800
Subject: [PATCH] [threat-actors] Add DragonForce

---
 clusters/threat-actor.json | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 0fb8af9..bf16ce6 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13537,6 +13537,22 @@
       },
       "uuid": "4915bfa3-5f0a-48ec-8ed5-bcd878cba504",
       "value": "MalKamak"
+    },
+    {
+      "description": "DragonForce is a hacktivist group based in Malaysia that has been involved in cyberattacks targeting government institutions and commercial organizations in India. They have also targeted websites affiliated with Israel and have shown support for pro-Palestinian causes. The group has been observed using defacement attacks, distributed denial-of-service attacks, and data leaks as part of their campaigns. DragonForce Malaysia has demonstrated an ability to adapt and evolve their tactics over time.",
+      "meta": {
+        "country": "MY",
+        "refs": [
+          "https://www.darkowl.com/blog-content/hacktivist-groups-use-defacements-in-the-israel-hamas-conflict/",
+          "https://blog.radware.com/security/2023/05/india-one-of-the-most-targeted-countries-for-hacktivist-groups/",
+          "https://securitybrief.asia/story/dragonforce-malaysia-attacks-israeli-institutions-radware",
+          "https://www.radware.com/security/threat-advisories-and-attack-reports/opisrael-a-decade-in-review/",
+          "https://blog.radware.com/security/ddos/2022/08/this-was-h1-2022-part-3-beyond-the-war/",
+          "https://www.fortinet.com/blog/threat-research/guidance-on-hacktivist-operation-opspatuk-by-dragonforce"
+        ]
+      },
+      "uuid": "40375ed2-04ec-433f-969d-b9a004c0272e",
+      "value": "DragonForce"
     }
   ],
   "version": 295