Indian Government Websites Found Hosting Scammy Redirects to Online Betting Platforms
In a recent discovery by TechCrunch, it has been revealed that several Indian government websites have unknowingly hosted advertisements that redirect visitors to online betting platforms. These websites, which include state police and property tax departments, were found to be indexed by search engines like Google, making the scam ads easily accessible online.
Around four dozen “gov.in” website links associated with Indian states such as Bihar, Goa, Karnataka, Kerala, Mizoram, and Telangana were identified as redirecting to online betting platforms. The platforms themselves claim to be “Asia’s most popular” and “the number one online cricket betting app in India,” attracting users with the promise of betting on games like cricket tournaments, including the highly popular Indian Premier League.
The exact method used by scammers to plant these ads on Indian government pages remains unclear. It is also uncertain how long these links have been redirecting users to the online betting platforms. However, TechCrunch wasted no time in alerting India’s Computer Emergency Response Team (CERT-In) about the issue. They provided CERT-In with a few affected state government website links for reference.
CERT-In, India’s cyber agency, promptly acknowledged receiving TechCrunch’s email and confirmed on Thursday that they have escalated the matter. In their response, CERT-In stated, “We have taken up with the concerned authority for appropriate action.” It is yet to be determined if the flaw allowing backdoor access to state government websites has been resolved.
This incident is not the first of its kind. Last June, TechCrunch reported a similar situation where scammers had published ads for hacking services on U.S. government websites due to a security flaw in the government’s web content management system software. Shockingly, some of these ads had been available online for years.
The discovery of scammy redirects on Indian government websites raises concerns about the security and integrity of online platforms. It highlights the need for robust cybersecurity measures to protect government websites from unauthorized access and malicious activities.
It is crucial for government agencies to prioritize regular security audits and updates to ensure the safety of their websites. Additionally, educating users about online scams and promoting awareness of cybersecurity best practices can help prevent individuals from falling victim to such fraudulent schemes.
This incident serves as a reminder that scammers are constantly evolving their tactics and finding new ways to exploit vulnerabilities. It is imperative for governments, organizations, and individuals alike to remain vigilant and proactive in safeguarding their online presence.