Indian government websites are still redirecting users to scam sites | TechCrunch

Photo of author

By admin


Some Indian government websites are allowing scammy links on their official domains – months after TechCrunch Report the problem last year

TechCrunch found links to more than 90 “gov.in” websites, including the Indian Council of Agricultural Research and India Post, as well as state governments and councils in Haryana and Maharashtra and other government departments redirecting to linked sites online. Betting and investment scams. Search engines like Google have indexed scam links hosted on government sites, increasing the risk of being found by regular internet users.

A screenshot showing several search engine results containing links — hosted on Indian government domains — to fraudulent websites about shady investments and online betting.
Several search results show compromised Indian government website hosting scam sites.

In May, TechCrunch reported that about four dozen Indian government website links Redirected to online betting platform. India's cyber agency, the Computer Emergency Response Team, known as CERT-In, stepped up the matter at the time. However, it remains unclear whether the government has fixed the underlying flaw that scammers are exploiting to set up their links.

DD Das of Menlo Ventures, among others, has been posted The issue is about to resurface on social media platform X this week, indicating that hacked pages are widespread.

Security researcher Bob Dyachenko told TechCrunch that the issue could be triggered by a compromise in the websites' content management system (CMS) or server configuration.

“If only symptoms (eg, malicious content) are removed without addressing the root cause (eg, vulnerabilities or backdoors), attackers can reintroduce the problem,” Diachenko said, “This is not a very challenging exercise but requires some downtime and effort. .”

Earlier this week, TechCrunch contacted CERT-In with some of the affected links. The company did not respond to emails, though the links started showing “page not found” errors when published.



Source link

Leave a Comment