Search This Blog

Showing posts with label NIC. Show all posts

NIC hacked by a malware, over 100 computers compromised

 

Recently, India's largest data agency NIC ( National Informatics Center) was hacked by a malware unidentified as of yet. The attack was sent from an email, infiltrating the network and around a hundred computers were affected. 



After the attack, the incident was reported to Delhi Police's Special Cell and the case was registered under the Information Technology Act (IT Act). The attack came from an email, which upon opening by an employee - all data from the machine was stolen and encrypted. 

The National Informatics Center is a branch of the Ministry of Electronics and Information Technology (MEITY). The NIC is responsible for the government's technical infrastructure and for the implementation and delivery of digital India initiatives. The Institute contained sensitive information related to National Security, India's Citizens, Home Ministry, Security Advisor, and the stolen data could very well harm National Interest. 

Upon investigation by Delhi Police, the attack was confirmed as a Malware coming from an email bait. While it was reported by only one employee, several of the workers got this mail containing the malware and when the user clicked on this mail, his system was compromised. Likewise, hundred of such computers were infected.

The IP address from the mail was detected to be from the Bengaluru office of an American company.

Attack from Anonymous?
Some sources say that this attack was from the infamous hacking group- Anonymous. Some days back the official website of the Indian Army and according to firstpost.com, a letter was sent to the Indian Government stating- 

 "We are Anonymous Again. 

 To the People of India and Government,
 You Have Underestimated the Power of people. You thought First NIC Hack by Anonymous was a Playful act, "THINK AGAIN".
 We are not here to Play with anyone. We are here to send a message to all the people who support the Anti-corruption bill. We took Down Indian Army Official Site and NIC knows more about what we did. We do not support anyone, We Support Only The Anti-Corruption Bill.

No one can speak for Anonymous, Nothing is Official." 

 It could be that both these attacks are linked and from the same group.

Sri Lankan NIC site(nic.lk) hacked via SQL injection vulnerability

Recently, we reported that the hackers defaced Top level Domains of Turkmenistan including Google, Gmail, youtube, by exploiting the vulnerability in NIC.tm. Today they have discovered vulnerability in another NIC website.

The hackers found a critical SQL injection vulnerability in Sri Lankan NIC website(nic.lk) that allows hackers to hijack top level Sri Lankan domains .



NIC websites are considered to be most important part of every country on the internet . A network information center (NIC), is the part of the Domain Name System (DNS) of the Internet that keeps the database of domain names, and generates the zone files which convert domain names to IP addresses.

Each NIC is an organization that manages the registration of Domain names within the top-level domains for which it is responsible, controls the policies of domain name allocation, and technically operates its top-level domain.

"any unauthorized access can make a disaster to compromised country ." The hackers said " for example changing all governments website’s DNS to hacker DNS and grab all high-level man of country credentials."

Hackers compromised data from the database and dumped data. They claimed that they reported to nic but there is no response from security team.