The problem, which spread to numerous pages, was first noticed last year, but it seems to be continuing.
Among other things, the website of the Indian Postal Service has directed visitors to a place where they should not end up. Dmitry Rukhlenko
Information technology publication Techcrunch wrote in May 2024 about a peculiar phenomenon that had taken root on the websites of various authorities in India. When you tried to get to the site, you unexpectedly ended up in online casinos.
Techcrunch found several dozen hijacked gov.in sites. These included, for example, the websites of the state authorities of Goa, Karnataka and Kerala. Some of the sites belonged to state police forces or tax authorities.
The sites directed visitors to a gambling site that advertised itself as the most popular in Asia. Another destination for visitors was a gambling platform related to playing cricket.
Techcrunch reported its findings to the Cyber Authority of India, which assured to look into the matter. Now the site though newsthat even though it has been many months since the announcement, the same trend still seems to continue.
The party responsible for hijacking the pages seems to be a mystery, at least for now. In any case, more pages have now been hijacked, more than 90.
Representative of the Menlo Ventures investment company Deedy Das write in its X updatethat there were more than 200 hijacked pages. However, it is unclear what the claim is based on.
Apart from the official websites of the states, the websites of the Indian Postal Service and the Council of Agricultural Research are also included.
The hijacked sites redirect to online casinos as before. However, some of them also lead their visitors to investment scams.
Information security researcher Bob Diachenko speculates to Techcrunch that the problem may stem from incorrectly configured server settings or a security hole in the content management system.
– If only the symptoms of the problem (e.g. malicious content) are removed without treating their cause, the attackers can do it again, Diachenko tells Techcrunch.
The Cyber Authority of India did not respond to Techcrunch’s contact regarding the hijacked pages this time. However, the pages reported to it started showing “page not found” error messages around the same time, so at least something must have been done about it.