Gujarat ATS arrests 18-year-old for cyberattacks during Operation Sindoor
The accused attempted to bring down at least 20 government websites on May 7, the day when Operation Sindoor was launched
Ahmedabad: The Gujarat Anti-Terrorism Squad (ATS) has arrested 18-year-old Jasim Shahnawaz Ansari from Nadiad who, along with other juvenile accomplices, orchestrated multiple cyberattacks against several Indian government websites, especially amid Operation Sindoor, India’s military response following the Pahalgam terror attack.
“The accused, a 12th-grade dropout, gained expertise in various programming languages, but his case exemplifies knowledge gone astray, driven not by financial motives but by radicalised ideology. The accused attempted to bring down at least 20 government websites on May 7, the day when Operation Sindoor was launched. Ansari also shared provocative anti-India messages on Telegram, including statements like, ‘India may have initiated it, but we will conclude it,’” Virjit Parmar, deputy superintendent of police, Gujarat ATS told HT.
Parmar said that a case had been registered against the accused on May 19 at ATS Police Station under sections 66(F) and 43 of the Information Technology Act, 2000. Section 66(F) deals with cyberterrorism, criminalising acts that threaten India’s security or disrupt essential services through computer resources, while Section 43 covers unauthorised access to or damage of computer systems.
This arrest comes amid heightened vigilance by Indian security agencies following directives from both central and state governments to monitor anti-national activities across internet platforms including the dark web following Operation Sindoor, said a second official. The group led by accused Ansari has allegedly targeted more than 50 central and state government websites so far.
Investigation by Gujarat ATS showed that Ansari and other juvenile offenders had created a Telegram group called “Anonsec” and were attempting to bring down various Indian websites through Distributed Denial-of-Service (DDoS) attacks. They are used to overwhelm servers with malicious traffic making them inaccessible to legitimate users. Such attacks can disrupt online services, cause financial damage, and harm an organisation’s reputation.
The investigation revealed that the group specifically targeted websites in critical sectors including defence, finance, aviation, urban development institutions and state government portals. They took screenshots of these attacks and posted them on the Telegram group along with anti-India inflammatory content.
While Ansari has been arrested, the ATS has not disclosed the exact number of juvenile accomplices involved in the cyber terror campaign. These juveniles will be processed according to the Juvenile Justice Act, officials said.
“The suspects learned Python programming language and used tools like Pydroid and Termux to execute their attacks. They cloned DDoS attack tools from GitHub and modified them to target specific websites,” said an official.
The ATS investigation showed that the accused learned hacking skills from YouTube and used tools downloaded from GitHub. They deployed TERMUX and PYDROID3 applications to execute DDoS attacks, which overwhelm servers with malicious traffic making them inaccessible to legitimate users. These attacks can disrupt online services, cause financial damage, and harm an organisation’s reputation.
After disrupting government websites, the perpetrators posted screenshots on their Telegram channel with anti-India messages such as “Several Government sites of India has been touch by AnonSec..!” and “Hi, India we just took down your financial shield and servers.”
