TechCrunch recently discovered over 90 compromised “gov.in” website links associated with various government departments, including the Indian Council of Agricultural Research, India Post, and state agencies from Haryana and Maharashtra. These links redirect users to fraudulent betting and investment platforms.
Over 90 Indian government website links redirect to betting and scam platforms. CERT-In was alerted but hasn’t confirmed fixing underlying vulnerabilities. Issues likely stem from CMS or server configuration flaws, experts suggest.
TecCrunch says that the compromised links, indexed by search engines like Google, pose significant risks as unsuspecting internet users may encounter them during routine searches. In May, TechCrunch had highlighted a similar issue with around four dozen government website links. At that time, India’s Computer Emergency Response Team (CERT-In) was alerted and took steps to address the matter. From Google, they now redirect to vc66 [dot] net, a domain registered on Dec 21, 2024. Its an online money-making scam but links to malware—an attack called SERP hijacking. Search [site:*.gov.in fast cash] to see. pic.twitter.com/9fNjYuOt13 — Deedy (@deedydas) January 6, 2025 The websites in question promote themselves as Asia’s most popular” online betting platform and “the number one online cricket betting app in India,” offering wagers on events like the Indian Premier League. How these ads ended up on Indian government pages and the duration of the redirects remain unknown. Additionally, TechCrunch says that it remains unclear if the underlying vulnerabilities were resolved, as new compromised links have since surfaced. Security expert Bob Diachenko explained to TechCrunch that the recurring problem might stem from vulnerabilities in the websites’ content management systems or server configurations. According to Diachenko, merely removing malicious content without addressing the root cause allows attackers to exploit the same weaknesses repeatedly. TechCrunch reached out to CERT-In for comment, sharing examples of affected links. Although the agency did not respond, the problematic links began showing “page not found” errors shortly after TechCrunch’s inquiries. This recurring issue underscores the need for Indian authorities to implement more robust cybersecurity measures. Addressing systemic vulnerabilities will be essential to prevent future incidents and safeguard public trust in official online resources.
