Saturday October 20, 2018
Home Uncategorized Two hackers c...

Two hackers claim to have Broken into Seven Indian High Commission Websites

The hackers allegedly leaked details of 161 Indians living in South Africa, 35 in Switzerland, 145 in Italy, 305 in Libya, 74 in Malawi, 14 in Mali and 42 in Romania

0
//
101
Representational image. Flickr
Republish
Reprint

New Delhi, November 7, 2016: Two hackers allegedly from the Netherlands claimed to have broken into seven Indian High Commission websites, publishing online the login details, passwords and database containing names, passport numbers, email-IDs and phone numbers of people of Indian origin, media reported on Monday.

According to a report in E Hacking News website, the Indian High Commissions where data breach happened are in South Africa, Libya, Italy, Switzerland, Malawi, Mali and Romania.

The hackers with Twitter names Kapustkiy and Kasimierz L later dumped the database on Pastebin.com (which later removed the details).

NewsGram brings to you latest new stories in India.

“I am from the Netherlands. I’ve found several SQL on their websites and I reported it. But they ignored me so I dumped there db [database],” one of the hackers told E Hacking News in an email.

The hackers allegedly leaked details of 161 Indians living in South Africa, 35 in Switzerland, 145 in Italy, 305 in Libya, 74 in Malawi, 14 in Mali and 42 in Romania.

The Indian Embassy in South Africa (http://www.hcisouthafrica.in/) was the first one to be hacked.

The Indian Embassy in Bern (Switzerland) was the second target (http://indembassybern.ch/) which had three databases with 19 tables with total 35 entries and login details with passwords.

Go to NewsGram and check out news related to political current issues.

“The compromised data includes the name, last name, email id, address, college and a course where students are enrolled,” the report added.

In Italy, the hackers entered into three databases with 149 entries, including the name, email-id, telephone numbers and passport numbers.

There was no official explanation from the Ministry of External Affairs on this development.

SQL (Structured Query Language) injection is one of the most widely exploited web application vulnerability used by hackers to steal data from online businesses’ and organisations’ websites.

Look for latest news from India in NewsGram.

This web application vulnerability is typically found in web applications which do not validate the user’s input.

“As a result, a malicious user can inject SQL statements through the website and into the database to have them executed,” www.netsparker.com reported.

Earlier this year, there were multiple reports that websites of seven Indian embassies were hacked and defaced by a group claiming to be from Pakistan. (IANS)

Click here for reuse options!
Copyright 2016 NewsGram

Next Story

Facebook Requests People To Re-Login Into Their Accounts To Secure From Hackers

Facebook said it does not know who is behind this massive security attack.

0
Fake News, Facebook
This photo shows the logo for Facebook on screens at the Nasdaq MarketSite, in New York's Times Square. VOA

After Facebook admitted that hackers broke into nearly 50 million users’ accounts by stealing their “access tokens” or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.

Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to “View As” look-up in the last year.

“For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms,” Chester Wisniewski, Principal Research Scientist with global cyber security major Sophos, told IANS.

Facebook
This Feb. 19, 2014, photo shows the social media giant’s app icon on a smartphone in New York. VOA

According to Dr Gary McGraw, Vice President of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.

“When a feature like ‘View As’ can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability,” noted Dr McGraw.

“Design flaws like this lurk in the mind boggling complexity of today’s commercial systems, and must be systematically uncovered and corrected when software is being designed and built,” he added.

Facebook
CEO Mark Zuckerberg delivers the keynote address at a Facebook developers conference in San Jose, California. VOA

If you’ve ever wondered what keeps you logged into your account even after you restart your laptop/browser – those are access tokens (cookies).

They maintain a constant session even when your IP changes.

“In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target’s account that would give the attacker, complete access of the target’s account,” said Saket Modi, CEO and Co-Founder of Lucideus, an IT risk assessment and digital security services provider.

According to experts, they don’t know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one’s profile data but, in this case, potentially the personal messages, pictures and chats, among others.

Facebook
Silhouettes of mobile users are seen next to a screen projection of Facebook logo in this picture illustration. VOA

“As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc,” Modi advised.

Facebook said it does not know who is behind this massive security attack.

Also Read: Facebook Suffers From Data Breach Putting 50 Mn People at Risk

“We’re working hard to better understand these details and “we will update this post when we have more information, or if the facts change,” said the company.

In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon. (IANS)