Tuesday January 21, 2020
Home Science & Technology An Indian Ext...

An Indian External Affairs Ministry Official Thanks 17-Year-Old Hacker for pointing out Flaws in Indian Diplomatic Missions’ Websites

Kapustkiy had posted on a web site some personal information of 418 people registered with the mission

0
//
ethical hacking, CEH certification
CEH Certification has now become one of the most common courses to take up in this present era where technology has already driven people crazy regarding its fabulous results and outputs. VOA

New York, November 16, 2016: An Indian External Affairs Ministry official has thanked a 17-year-old hacker who exposed flaws in Indian diplomatic missions’ websites that allowed intruders to gain access to non-public information, and said the problems were being fixed.

“Thank you for your advice,” Sanjay Kumar Verma, Joint Secretary, eGovernance and Information Technology wrote to the hacker who uses the identity, Kapustkiy. “We are fixing codes one by one.”

NewsGram brings to you current foreign news from all over the world.

“Your help in probing websites of various Indian embassies is a great help,” he added.

Kapustkiy, who posted Verma’s message to him on his Twitter account and copied to an IANS correspondent, has broken into websites of Indian diplomatic missions in eight countries.

Meanwhile, the Indian Consulate here said that its website was being secured. Kapustkiy had posted on a website some personal information of 418 people registered with the mission, that he said he got by intruding into its web site.

“The consulate has taken immediate action to secure the contents of its website,” L. T. Ngaihte, the head of chancery, said in a note to IANS.

In addition to the New York consulate, Kapustkiy had broken into web sites of Indian diplomatic missions in South Africa, Libya, Malawi, Mali, Italy, Switzerland and Romania and put some information he had taken from there on pastebin.com, which is open for public posting of information.

NewsGram brings to you top news around the world today.

Kapustkiy, who said he is a student in Tokyo, asserted, “It took me only three seconds to gain access to their database.”

He said that his intentions in carrying out the hack were good and that he did not consider himself a hacker.

“I didn’t want to do any damage but to let administrators to pay attention (to the vulnerabilities),” Kapustkiy told IANS in an interview conducted on Twitter messaging.

He said that he decided to post some information on pastebin.com because he did not get a response from web site administrators when he pointed out the flaws.

“While we appreciate your help, please do not post the details on Paste Bin,” Verma wrote to him.

Check out NewsGram for latest international news updates.

Verma’s response was in reply to Kapustkyi’s email with suggestions on fixing the security flaws. He used ProtonMail, a secure service that operates under the strict Swiss laws that protect the identity of users and the communications.

The personal information from the New York Consulate General that was posted on pastebin.com has been removed while some non-personal information remained as of Wednesday evening. The material from other Indian missions were scrubbed earlier. (IANS)

Next Story

Hacker Leaks Passwords for Over 5 Lakh Servers, IoT Devices

In a bone-chilling incident, parents of an eight-year-old girl in the US were left stunned when a hacker accessed a camera installed in their daughter's room and taunted her

0
hackers
Hackers have become an invaluable extension of the most trusted security teams. Pixabay

A hacker has leaked usernames and passwords of over five lakh servers, routers and Internet of Things (IoT) devices on the Dark Web which can be used to install malware on Internet-connected devices at home or at work.

Attackers could use those credentials to gain remote access to the affected devices, like we have seen recently in some home cameras and devices, including Amazon-owned Ring security cameras.

According to a ZDNet report on Sunday, the list of Telnet credentials has been published on a popular hacking forum that includes each device’s IP address, along with a username and password for the Telnet service.

Telnet is one of the earliest remote login protocols on the Internet. It is a client-server protocol that provides the user a terminal session to the remote host from the telnet client application.

“Hackers scan the internet to build bot lists, and then use them to connect to the devices and install malware,” said the report.

The list has been published online by the maintainer of a Direct Denial of Service (DDoS) botnet operator.

Cyber attack
Hackers and cyber criminals have IT managers on their target as per the survey. Pixabay

However, some of these devices might now run on a different IP address, or use different login credentials.

“Some devices were located on the networks of known Internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major Cloud service providers,” the report mentioned.

The five lakh devices still remain at hacking risk as a hacker can use the IP addresses included in the lists and then re-scan the internet service provider’s network to update the list with the latest IP addresses.

Also Read: Actress Raveena Tandon to Produce Web Series on Personality Disorder

Amazon’s Ring subsidiary came in news for all the wrong reasons where customers’ in-house cameras were broken into and the hackers tried to intimated the residents, including children.

In a bone-chilling incident, parents of an eight-year-old girl in the US were left stunned when a hacker accessed a camera installed in their daughter’s room and taunted her. (IANS)