Threat Actor Characterization
DragonForce Malaysia
ID: 31622d85a3826aa600d14a779a5f9cb796975| DFM | DFRC | Dr********** | Dr********* |
| Dr*************** | Dr*********** | Dr***************** | Ha*********************** |
| My************ | — | — | — |
Actor Network Graph
Open Network GraphMITRE ATT&CK®
DragonForce Malaysia is a Malaysia-based hacktivist collective associated in OSINT with politically motivated cyber operations, notably DDoS/DoS disruption, website defacement, and public claim/amplification campaigns coordinated via social platforms such as Telegram. Reported operations include campaigns targeting Indian organizations and pro-Palestinian/anti-Israel aligned narratives.
| Technique | Technique name | Tactics | Evidence |
|---|---|---|---|
| T1595 | Active Scanning | TA0043 |
|
| T1585 | Establish Accounts | TA0042 |
|
| T1587 | Develop Capabilities | TA0042 |
|
| T1498 | Network Denial of Service | TA0040 | |
| T1491.002 | External Defacement | TA0040 | |
| T1566 | Phishing | TA0001 |
|
CLASSIFICATION: Unclassified / Open Source
Executive Summary
DragonForce Malaysia began as a pro-Palestinian hacktivist collective famous for OpsBedil (2021–2022) and OpsPetir (2023) campaigns against Israel and, at times, India. In 2025, multiple vendors assess an evolution into a ransomware-extortion operation (a distinct “DragonForce” ransomware brand/cartel), claiming major retail victims in the UK and elsewhere. The hacktivist → cybercrime pivot is still being consolidated across research, but the weight of 2025 reporting supports a financially-motivated RaaS trajectory layered on top of earlier defacement/DDoS/dox activity. Confidence: high for the hacktivist history; medium-high for the ransomware expansion (multi-vendor).
- Origins. Publicly documented as pro-Palestinian and Malaysia-based; active social channels and a forum in early years.
- Pivot. By 2025, multiple vendors (SentinelOne, Group-IB, others) profile “DragonForce” as a ransomware group with global victims, suggesting organizational/brand evolution.