Months after TechCrunch, some Indian government websites continue to allow fraudulent links on their official domains. This case is reported. last year
TechCrunch found more than 90 links to “gov.in” websites associated with Indian government departments, including the Indian Council of Agricultural Research and India Post, as well as state governments and councils in Haryana and Maharashtra, and other online affiliates. Gambling and investment scams. Search engines like Google index fraudulent links hosted on government sites, increasing the likelihood that they will be discovered by regular Internet users.
in May, TechCrunch reports that there are about four dozen links to Indian government websites. Redirected to online gambling platforms. India's cyber agency, the Computer Emergency Response Team, known as CERT-In, stepped up the matter at the time. However, Whether the government has fixed the underlying flaw that fraudsters are exploiting to plant their links. No, not clear.
Deedy Das of Menlo Ventures; posted. This week, social media platform X rekindled the issue, indicating that hacked pages were circulating.
Security researcher Bob Diachenko told TechCrunch that the issue could be reoccurring due to a compromise in the websites' content management systems (CMS) or server configurations.
“If the symptoms (eg, malicious content) are removed before the root cause (eg, a vulnerability or backlog is left unaddressed), Attackers can reintroduce the problem,” Diachenko said. “It's not a very difficult exercise, but it requires a pause and effort.”
Earlier this week, TechCrunch contacted CERT-In with a few affected links. Around the time of publication, links started showing a “page not found” error, but the agency did not respond to the email.