Indian Govt Websites Targeted by Hackers: Cryptojacking on the Rise in India

Sep 17 2018

The crypto-craze might be subsiding in India following the RBI regulations, but that has clearly not led to a fall in crypto-related crime such as cryptojacking. A recent report from Indian publication the Economic Times points out that several high-traffic websites of the Indian government are being used by hackers to mine for cryptocurrencies using the processing powers of the visitors. This malicious cyber-activity, commonly known as cryptojacking, is on the rise in India.

A number of Indian government websites, such as that of the Director of Municipal Administration of Andhra Pradesh, the Tirupati Municipal Corporation, and Macherla Municipality. All three of these websites are basically subdomains of ap.gov.in, which is the official website of the Andhra Pradesh government, getting over 1,60,000 visitors per month. 

The discovery of cryptojacking scripts running on the Andhra Pradesh government websites was made by Shakil Ahmed, Anish Sarma and Indrajeet Bhuyan, a team of security researchers from Guwahati. Commenting on this discovery, Bhuyan said:

“Hackers target government websites for mining cryptocurrency because those websites get high traffic and mostly people trust them. Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.” 

Bhuyan and his team have run a code across over 4,000 websites of the Indian government from the GOIdirectory.nic.in website which can help them identify which websites are being used for cryptojacking. However, they pointed out that some websites had been taken down even before them reaching out to the government. Earlier this year, the official website of Ravi Shankar Prasad, India’s Union Minister holding Law and Justice and Electronics and Information Technology portfolio, was also affected by cryptojacking.

The Economic Times claim in their report that they had informed JA Chowdary, IT advisor to the chief minister of Andhra Pradesh, about this vulnerability. He had replied to the information by saying: “Thanks for notifying us about the AP website hacking.” However, even as of the 16th of September, this has not been fixed. 

Reports from PublicWWW indicate that there are at least 119 websites in India which are affected by cryptojacking scripts. Earlier this year, websites of Indian newspapers The Asian Age and The Deccan Herald were also found to be affected by the same script. Reports from India had further indicated that over 2,000 computers of business giant Aditya Birla Group were also affected by a malware which was mining for cryptocurrencies. 

Moreover, India isn’t the only country where government websites have been affected with crypto-mining scripts. Earlier this year, websites of the UK Government, a Russian county website, as well as websites of the government of Egypt, were also affected with similar cryptojacking scripts. 

Economic Times also comments that security researchers claim that the next target for cryptojacking would probably be smart devices connected over Internet-of-Things (IoT) networks. Smart speakers and smart TVs, which may not be used all the day - but come with a high processing power can be potential targets of the future. In fact, over 13,500 home routers in India are mining for cryptocurrencies without the users knowing of it - which is the second highest number after Brazil, which ranks first. 
 

Comments