Monday June 24, 2019
Home Science & Technology An Indian Ext...

An Indian External Affairs Ministry Official Thanks 17-Year-Old Hacker for pointing out Flaws in Indian Diplomatic Missions’ Websites

Kapustkiy had posted on a web site some personal information of 418 people registered with the mission

0
//
Hacking ( representational Image) VOA

New York, November 16, 2016: An Indian External Affairs Ministry official has thanked a 17-year-old hacker who exposed flaws in Indian diplomatic missions’ websites that allowed intruders to gain access to non-public information, and said the problems were being fixed.

“Thank you for your advice,” Sanjay Kumar Verma, Joint Secretary, eGovernance and Information Technology wrote to the hacker who uses the identity, Kapustkiy. “We are fixing codes one by one.”

NewsGram brings to you current foreign news from all over the world.

“Your help in probing websites of various Indian embassies is a great help,” he added.

Kapustkiy, who posted Verma’s message to him on his Twitter account and copied to an IANS correspondent, has broken into websites of Indian diplomatic missions in eight countries.

Meanwhile, the Indian Consulate here said that its website was being secured. Kapustkiy had posted on a website some personal information of 418 people registered with the mission, that he said he got by intruding into its web site.

“The consulate has taken immediate action to secure the contents of its website,” L. T. Ngaihte, the head of chancery, said in a note to IANS.

In addition to the New York consulate, Kapustkiy had broken into web sites of Indian diplomatic missions in South Africa, Libya, Malawi, Mali, Italy, Switzerland and Romania and put some information he had taken from there on pastebin.com, which is open for public posting of information.

NewsGram brings to you top news around the world today.

Kapustkiy, who said he is a student in Tokyo, asserted, “It took me only three seconds to gain access to their database.”

He said that his intentions in carrying out the hack were good and that he did not consider himself a hacker.

“I didn’t want to do any damage but to let administrators to pay attention (to the vulnerabilities),” Kapustkiy told IANS in an interview conducted on Twitter messaging.

He said that he decided to post some information on pastebin.com because he did not get a response from web site administrators when he pointed out the flaws.

“While we appreciate your help, please do not post the details on Paste Bin,” Verma wrote to him.

Check out NewsGram for latest international news updates.

Verma’s response was in reply to Kapustkyi’s email with suggestions on fixing the security flaws. He used ProtonMail, a secure service that operates under the strict Swiss laws that protect the identity of users and the communications.

The personal information from the New York Consulate General that was posted on pastebin.com has been removed while some non-personal information remained as of Wednesday evening. The material from other Indian missions were scrubbed earlier. (IANS)

Next Story

After 750 mn, Hacker Puts 93 mn More Users’ Data on Sale

While some of these websites - particularly MyHeritage, MyFitnessPal and Animoto - warned their customers last year that they had been compromised, several others have started notifying users about the hacks

0
Due to its nature, the chip is physically unclonable and can, thus, render the device invulnerable to hijacking, counterfeiting or replication by cyber-criminals
Representational image. Pixabay

The hacker who earlier stole and posted data of close to 750 million users of various popular websites on a Dark Web marketplace has now put up the third set of nearly 93 million hacked databases for sale.

According to a report on zdnet.com late Sunday, the hacker this time is selling an additional 93 million user records from eight companies, including GfyCat which is a popular GIF hosting and sharing platform.

“The hacker is selling each database individually on Dream Market. Together, all eight are worth 2.6249 bitcoin, which amounts to roughly $9,400,” said the report.

The stolen information mainly includes account holders’ names, email addresses and passwords.

The hacker, who goes by the name Gnosticplayers, earlier posted a batch of 16 websites containing the data of 620 million users and a second batch of eight portals with the data of 127 million users, that included 18 million user records from travel booking site Ixigo and 40 million from live-video streaming site YouNow.

The hacker aims to sell over one billion user records and then disappear with the money.

Travellers
Travellers must take extra precautions to secure their systems and data when in foreign countries. Pixabay

His current total stands at roughly 840 million records.

“New leaks are coming, including one from a cryptocurrency exchange,” the hacker told ZDNet.

Earlier, the same hacker claimed he had more than 151 million records from MyFitnessPal and 25 million records from Animoto and many other from several major sites.

Also Read- Chinese Police Catches Hold of $1.5 Billion Money in Online Lending Scandal

It has been claimed that databases, which are aimed at making “life easier” for hackers, can be purchased from the Dream Market cyber-souk, located in the Tor network, for less than $20,000 in bitcoin.

While some of these websites – particularly MyHeritage, MyFitnessPal and Animoto – warned their customers last year that they had been compromised, several others have started notifying users about the hacks. (IANS)