Reportedly, an unnamed hacker has managed to gain access to India’s National Internet Registry. As a result, the hacker posted thousands of credentials for sale on the dark web.
The hack has led to the breach of some of India’s most important services, including government agencies, private firms, security and operational network ISPs, among many others. The hacker is trying to sell both servers and database access to over 6,000 websites, according to the latest report.
The news came first from a security company named Seqrite Cyber Intelligence Labs, which operates from India. The firm’s representatives came across a massive data dump on the dark web and tried to contact the seller for further information.
They were shocked to find that the data belongs to thousands of Indian websites and immediately alerted government authorities so that timely action could be taken.
National Internet Registry Hack: What Really Happened?
In the official statement, the security intelligence company claims that the hacker was even willing to sell the entire ISP database for a sum of 15 Bitcoins. In real-world currency, it is valued at approximately $80,715. If someone was willing to pay more to take down a particular government organization or an important website, the hacker was willing to do it.
When the agency gained an opportunity to get in touch with the hacker, they posed as a legitimate buyer to confirm whether the database and login credentials were actually being sold. Reportedly, the hacker sent samples of the stolen data to prove he did have access to sensitive information.
In the sample provided by the seller, they found contact details including the e-mail addresses of a reputed Indian technology firm. Details of a government organization were also identified in the sample, which confirmed that sensitive information was up for sale.
They investigated further to learn what kind of purchase they could make from the hacker. He replied that he had access to at least 6,000 credentials acquired by hacking into the Indian Internet Registry, run by the National Internet Exchange of India.
Only when they were completely confident that vital information had been hacked and was being distributed on the dark web did the agency contact the government and other security agencies in India to look into the matter.
Security Firm’s Report
According to the report submitted by Seqrite, the hack is indeed legitimate, and sensitive information that could put the entire country at risk is being sold on the dark web. They added that it involves popular IT firms in the country, government organizations and prominent companies.
The items for sale include login credentials to servers, e-mail addresses, personal contact information and even contractual business documents among other sensitive data that could be used against those companies.
This is a rather large breach, as the culprit has access to a massive database from the Asia Pacific Network Information Center.
The report adds that even ISRO, UIDAI, Flipkart, State Bank of India, Bharat Sanchar Nigam Limited, Aircel, TCS and Bombay Stock Exchange were all found in the list of hacked sites with their login credentials and other data being sold on the dark web.
NIXI’s Contradictory Statement
NIXI, the National Internet Exchange of India, claims that this data breach is actually a hoax and the information is completely safe under their scrutiny. They further added that hacking into NIXI to gain access to over 6,000 ISPs is an impossible task, thus restating that the reports are false.
Still, the authorities commented that they are further verifying their security protocols to ensure there are no loopholes.
Seqrite is the enterprise security wing of the software company Quick Heal, which provides antivirus and antispyware products. Their statement has been considered invalid by the largest corporation, NIXI. The UIDAI, which is in charge of issuing Aadhaar cards and maintains a massive database of over a billion people, also stated there is no such threat to their data.
The real answer to this issue remains a mystery for now.