Indian govt domains compromised, misleading search results raise concern

The compromised DNS records indicate that unauthorised entities may have gained access and manipulated these records

Photo of News Desk News Desk Follow on Twitter |   Updated: 21st July 2024 11:51 am IST
Subdomain of multiple Government Websites suggests breach
Subdomains of multiple government domains suggest access breach

Hyderabad: Several prominent Indian government domains are likely to have been compromised, with their subdomains appearing in Google search results under ‘suspicious and misleading’ search terms. The affected domains include ICAR.GOV.IN, MP.GOV.IN, RAJASTHAN.GOV.IN, and BIHAR.GOV.IN, all of which are being listed under searches for ‘Free Zynga Chips’, a term associated with a popular online poker app originally popularised through Facebook.

The appearance of these government subdomains in search results for ‘Free Zynga Chips’ not only misleads the public but also potentially exposes sensitive government data to malicious entities. The term ‘Free Zynga Chips’ is commonly associated with fraudulent activities and phishing schemes, making this breach even more concerning.

This alarming incident suggests a potential breach in the DNS records of these websites, raising significant concerns about the security and integrity of these government portals. The compromised DNS records indicate that unauthorised entities may have gained access to and manipulated these records, resulting in the misleading search results.

Subdomain of mp.gov.in

Scope of breach known

  1. ICAR.GOV.IN (Indian Council of Agricultural Research)
  2. MP.GOV.IN (Government of Madhya Pradesh)
  3. RAJASTHAN.GOV.IN (Government of Rajasthan)
  4. BIHAR.GOV.IN (Government of Bihar)
  5. TELANGANA.GOV.IN (Government of Telangana)

Methodology used

Using Google, one can specify its search to Top Level Domain (TLD). When “gov.in” is used to perform a search on Google for the term zynga free chips site:gov.in will show you the results. Some of the results are as new as 15 hours old, which suggest the domains are still compromised.

Opinion by Cybersecurity Researcher

A cybersecurity researcher has emphasised the urgency of addressing this breach. “The manipulation of DNS records is a serious issue that can lead to a wide range of cybersecurity threats, including data theft, phishing, and unauthorised access to sensitive information,” said a cybersecurity researcher. “It is imperative for government agencies to implement robust security protocols and regularly monitor their DNS records to prevent such incidents.”

Concern for users and data

Critical need for robust cybersecurity measures in government digital infrastructure. As more government services move online, ensuring the security and integrity of these digital assets is paramount to maintaining public trust and safeguarding sensitive information.

Users are requested to remain vigilant and cautious of any misleading search results or suspicious links, especially those claiming to offer ‘Free Zynga Chips’. These might seem harmless but some of them have the potential to cause a data breach, loss and could possibly result in a significant financial loss.

Tags
Photo of News Desk News Desk Follow on Twitter |   Updated: 21st July 2024 11:51 am IST

Get the news updates on WhatsApp & Telegram by subscribing to our channels. For all the latest India updates, download our app Android and iOS.

Back to top button