Indian government domains compromised, misleading search results raise concerns

Indian government domains compromised, misleading search results raise concerns

Hyderabad: Multiple prominent Indian government domains are likely compromised, with their subdomains appearing in Google search results under “suspicious and misleading” search terms. The affected domains include ICAR.GOV.IN, MP.GOV.IN, RAJASTHAN.GOV.IN, and BIHAR.GOV.IN, all of which are listed under searches for “Free Zynga Chips,” a term associated with a popular online poker app originally made popular via Facebook.

The appearance of these government subdomains in search results for “Free Zynga Chips” not only misleads the public, but also potentially exposes sensitive government data to malicious entities. The term “Free Zynga Chips” is often associated with fraudulent activity and phishing schemes, which makes this breach even more concerning.

This alarming incident suggests a possible compromise of the DNS records of these websites, which raises significant concerns about the security and integrity of these government portals. The compromised DNS records indicate that unauthorized entities may have gained access to these records and manipulated them, resulting in the misleading search results.

Extent of the infringement known

  1. ICAR.GOV.IN (Indian Council of Agricultural Research)
  2. MP.GOV.IN (Government of Madhya Pradesh)
  3. RAJASTHAN.GOV.IN (Government of Rajasthan)
  4. BIHAR.GOV.IN (Government of Bihar)
  5. TELANGANA.GOV.IN (Government of Telangana)

Methodology used

Google allows one to specify their search by Top Level Domain (TLD). When “gov.in” is used to perform a search on Google for the term zynga free chips site:gov.in it will show you the results. Some of the results are as new as 15 hours old, suggesting that the domains are still compromised.

Opinion of Cybersecurity Researcher

A cybersecurity researcher stressed the urgency of addressing this breach. “DNS record manipulation is a serious issue that can lead to a wide range of cybersecurity threats, including data theft, phishing, and unauthorized access to sensitive information,” a cybersecurity researcher said. “It is imperative that government agencies implement robust security protocols and regularly audit their DNS records to prevent such incidents.”

Care for users and data

Critical need for robust cybersecurity measures in government digital infrastructure. As more government services move online, ensuring the security and integrity of these digital assets is paramount to maintaining public trust and protecting sensitive information.

Users are urged to remain vigilant and cautious of misleading search results or suspicious links, especially links claiming to offer ‘Free Zynga Chips’. These may seem harmless, but some of them may cause data breach, loss and potentially significant financial loss.

This post was last modified on July 20, 2024 8:59 pm