New Delhi, June 13: The e-mails and passwords of several major ministries including Defense and the Army are under the scanner of hackers.
The government has warned officials to be cautious after the e-mails and passwords of hundreds of central government officials came under the scanner of hackers.
The recent data leaks of Air India, Domino’s and Big Basket Later this time the hackers are trying to target in the name of updating the vaccination status on the CoWin app.
Military intelligence (MI) had on June 09 intercepted an international call exchange from Bangalore that was assisting Chinese agencies to pass on information about India’s north-east states to Pakistan’s spy agency ISI.
Meanwhile, Army personnel were getting links on WhatsApp, SMS, and e-mails asking them to update the vaccination status for issuance of digital certificates on the CoWin app by clicking on it. But a warning was issued by the Army on June 9 saying that fraudulent messages are being received claiming to be related to Base Hospital Delhi Cantt, RR Hospital.
The Army had advised military personnel not to respond to such fraudulent attempts.
Similarly, on June 10, several government offices including officials of the Defense Ministry were sent alerts asking them to be alert. E-mail IDs and passwords have been exposed, including several government email IDs.
However, hackers also send e-mails to government officials through various means allowing them to click on attachments or web-links that can hack their data. Defense establishments like Movement Control Office (MCO) and Principal Controller of Defense Accounts (PCDA) were also receiving similar calls from international call exchanges intercepted in Bengaluru and were asking for details.
The hackers then sent malicious web links on WhatsApp and SMS asking them to update the vaccination status. In the message, the officials were asked to generate a digital certificate of COVID-19 vaccination by clicking on https://covid19india.in. On clicking this link, they are redirected to the page “@gov.in” similar to the official website mygov.in and are then asked to enter the official e-mail and password.
It is said that this website was prepared in Pakistan this month.
On the page of the website @nic.in e-mail id is mentioned so that the opening authority can believe that it is a government page.
Though, its purpose is only to receive e-mails and passwords of government officials and unauthorized access to government systems as this page does not accept any other domains like gmail.com. Earlier on May 15, Air India had informed its passengers that its passenger service system was subject to a cyber attack in the last week of February, affecting about 4.5 million data registered between August 26, 2011 and February 3, 2021.
In May itself, the data of 180 million customers of pizza company Domino’s India was leaked. Domino’s had also informed the Delhi High Court about this.