Wednesday August 15, 2018
Home Uncategorized Two hackers c...

Two hackers claim to have Broken into Seven Indian High Commission Websites

The hackers allegedly leaked details of 161 Indians living in South Africa, 35 in Switzerland, 145 in Italy, 305 in Libya, 74 in Malawi, 14 in Mali and 42 in Romania

0
//
99
Representational image. Flickr
Republish
Reprint

New Delhi, November 7, 2016: Two hackers allegedly from the Netherlands claimed to have broken into seven Indian High Commission websites, publishing online the login details, passwords and database containing names, passport numbers, email-IDs and phone numbers of people of Indian origin, media reported on Monday.

According to a report in E Hacking News website, the Indian High Commissions where data breach happened are in South Africa, Libya, Italy, Switzerland, Malawi, Mali and Romania.

The hackers with Twitter names Kapustkiy and Kasimierz L later dumped the database on Pastebin.com (which later removed the details).

NewsGram brings to you latest new stories in India.

“I am from the Netherlands. I’ve found several SQL on their websites and I reported it. But they ignored me so I dumped there db [database],” one of the hackers told E Hacking News in an email.

The hackers allegedly leaked details of 161 Indians living in South Africa, 35 in Switzerland, 145 in Italy, 305 in Libya, 74 in Malawi, 14 in Mali and 42 in Romania.

The Indian Embassy in South Africa (http://www.hcisouthafrica.in/) was the first one to be hacked.

The Indian Embassy in Bern (Switzerland) was the second target (http://indembassybern.ch/) which had three databases with 19 tables with total 35 entries and login details with passwords.

Go to NewsGram and check out news related to political current issues.

“The compromised data includes the name, last name, email id, address, college and a course where students are enrolled,” the report added.

In Italy, the hackers entered into three databases with 149 entries, including the name, email-id, telephone numbers and passport numbers.

There was no official explanation from the Ministry of External Affairs on this development.

SQL (Structured Query Language) injection is one of the most widely exploited web application vulnerability used by hackers to steal data from online businesses’ and organisations’ websites.

Look for latest news from India in NewsGram.

This web application vulnerability is typically found in web applications which do not validate the user’s input.

“As a result, a malicious user can inject SQL statements through the website and into the database to have them executed,” www.netsparker.com reported.

Earlier this year, there were multiple reports that websites of seven Indian embassies were hacked and defaced by a group claiming to be from Pakistan. (IANS)

Click here for reuse options!
Copyright 2016 NewsGram

Next Story

Aadhaar Helpline Mystery: French Security Expert Tweets of doing a Full Disclosure Tomorrow about Code of the Google SetUP Wizard App

0
Google Along with Other SSocial Media Giants will Face The Lawmakers, Wikimedia Commons
Google Along with Other SSocial Media Giants will Face The Lawmakers, Wikimedia Commons

Google’s admission that it had in 2014 inadvertently coded the 112 distress number and the UIDAI helpline number into its setup wizard for Android devices triggered another controversy on Saturday as India’s telecom regulator had only recommended the use of 112 as an emergency number in April 2015.

After a large section of smartphone users in India saw a toll-free helpline number of UIDAI saved in their phone-books by default, Google issued a statement, saying its “internal review revealed that in 2014, the then UIDAI helpline number and the 112 distress helpline number were inadvertently coded into the SetUp wizard of the Android release given to OEMs for use in India and has remained there since”.

Aadhaar Helpline Number Mystery: French security expert tweets of doing a full disclosure tomorrow about Code of the Google SetUP Wizard App, Image: Wikimedia Commons.

However, the Telecom Regulatory Authority of India (TRAI) recommended only in April 2015 that the number 112 be adopted as the single emergency number for the country.

According to Google, “since the numbers get listed on a user’s contact list, these get  transferred accordingly to the contacts on any new device”.

Google was yet to comment on the new development.

Meanwhile, French security expert that goes by the name of Elliot Alderson and has been at the core of the entire Aadhaar controversy, tweeted on Saturday: “I just found something interesting. I will probably do full disclosure tomorrow”.

“I’m digging into the code of the @Google SetupWizard app and I found that”.

“As far as I can see this object is not used in the current code, so there is no implications. This is just a poor coding practice in term of security,” he further tweeted.

On Friday, both the Unique Identification Authority of India (UIDAI) as well as the telecom operators washed their hand of the issue.

While the telecom industry denied any role in the strange incident, the UIDAI said that he strange incident, the UIDAI said that some vested interests were trying to create “unwarranted confusion” in the public and clarified that it had not asked any manufacturer or telecom service provider to provide any such facility.

Twitter was abuzz with the new development after a huge uproar due to Telecom Regulatory Authority of India (TRAI) Chairman R.S. Sharma’s open Aadhaar challenge to critics and hackers.

Ethical hackers exposed at least 14 personal details of the TRAI Chairman, including mobile numbers, home address, date of birth, PAN number and voter ID among others. (IANS)

Also Read: Why India Is Still Nowhere Near Securing Its Citizens’ Data?