Government websites held hostage by online betting scam: Over 300 portals compromised, hacker activities traced to foreign locations

Published on:

It has come to light that more than 300 government websites, including those of central and state governments, have fallen prey to hackers orchestrating an online betting scam. The culprits believed to be operating from foreign locations such as Indonesia, Thailand, and Pakistan, have exploited these compromised portals to display advertisements related to online gaming and cricket betting. Upon clicking on these advertisements, unsuspecting users are directed to payment gateways, initiating potentially fraudulent transactions.

The alarming aspect of this situation is the lack of awareness within several state departments, including the Resham Sanchalnalya of Madhya Pradesh, the Kerala government, the Telangana government, and the Uttarakhand Information Commission. Despite being alerted to such hacking activities, some state authorities have yet to take immediate action.

The Computer Emergency Response Team (CERT) of the central government has identified numerous websites involved in these fraudulent activities. Even the official portal of the Bureau of Indian Standards, responsible for alerting about counterfeit and adulterated goods, has fallen victim to this betting scam, reported Dainik Bhaskar.

The method of these hackers involves deploying ransomware attacks when cybersecurity teams attempt to rectify the compromised websites. This results in the complete seizure of data from the targeted portals. Government websites, meant to publicise crucial information, are now increasingly becoming susceptible to ransomware attacks.

Several URLs, including those of prominent government departments, have been identified as channels for online gaming and cricket betting links. Some of these compromised portals include:

  1. ciae.icar.gov.in – Agricultural Research Department, Government of India.
  2. foldcope.dbtindia.gov – Department of Biotechnology, Government of India.
  3. uia.mic.gov.in – UNESCO India.
  4. sic.mic.gov.in – School of Innovation Council, Government of India.
  5. etapal.mhada.gov.in – Housing Department, Government of Maharashtra.
  6. eresham.mp.gov.in – Resham Directorate, Government of Madhya Pradesh.
  7. uic.uk.gov.in – Uttarakhand Information Commission.
  8. services.bis.gov.in – Bureau of Indian Standards.
  9. chennaiport.gov.in – Chennai Port Authority.

It is a matter of concern that more than 300 government portals are being utilised to spread links related to betting activities. These links are particularly active during cricket matches, with a flood of messages during live matches, especially popular tournaments like the Indian Premier League (IPL).

Hackers, exploiting the official URLs of government websites for advertising purposes, capitalise on the public’s interest in ongoing cricket matches. As users log in to play games, they are guided through payment gateways where they are required to recharge their wallets in advance. The option of cryptocurrency is often presented as a means of payment for these transactions. Winning amounts are then allegedly returned through the same channel.

This emerging cyber threat underlines the vulnerability of government websites to hacking and the pressing need for swift and comprehensive cybersecurity measures to safeguard critical online frameworks.

Related