Scam Links Persist On Indian Government Websites Months After Initial Discovery

Several Indian government websites continue to host malicious links months after the issue was initially reported, raising concerns about cybersecurity vulnerabilities.

TechCrunch recently discovered over 90 compromised “gov.in” website links associated with various government departments, including the Indian Council of Agricultural Research, India Post, and state agencies from Haryana and Maharashtra. These links redirect users to fraudulent betting and investment platforms.

TecCrunch says that the compromised links, indexed by search engines like Google, pose significant risks as unsuspecting internet users may encounter them during routine searches.

EXCLUSIVE: 200+ Government of India websites have been hacked!

From Google, they now redirect to vc66 [dot] net, a domain registered on Dec 21, 2024. Its an online money-making scam but links to malware—an attack called SERP hijacking.

Search [site:*.gov.in fast cash] to see. pic.twitter.com/9fNjYuOt13

— Deedy (@deedydas) January 6, 2025

In May, TechCrunch had highlighted a similar issue with around four dozen government website links. At that time, India’s Computer Emergency Response Team (CERT-In) was alerted and took steps to address the matter.

The websites in question promote themselves as Asia’s most popular” online betting platform and “the number one online cricket betting app in India,” offering wagers on events like the Indian Premier League.

How these ads ended up on Indian government pages and the duration of the redirects remain unknown. Additionally, TechCrunch says that it remains unclear if the underlying vulnerabilities were resolved, as new compromised links have since surfaced.

Security expert Bob Diachenko explained to TechCrunch that the recurring problem might stem from vulnerabilities in the websites’ content management systems or server configurations.

According to Diachenko, merely removing malicious content without addressing the root cause allows attackers to exploit the same weaknesses repeatedly. TechCrunch reached out to CERT-In for comment, sharing examples of affected links.

Although the agency did not respond, the problematic links began showing “page not found” errors shortly after TechCrunch’s inquiries.

This recurring issue underscores the need for Indian authorities to implement more robust cybersecurity measures. Addressing systemic vulnerabilities will be essential to prevent future incidents and safeguard public trust in official online resources.