BSNL's Website Breached Again, Hackers Leave Behind Graffiti

For the 2d time in March, Indian telco BSNL'south website has been hacked and this time, it's not by an ethical hacker only a existent sabotage group chosen LulzSec. The Indian arm of the grouping of hackers – or hacktivists as they call themselves – raided BSNL's homepage and replaced it with a mocking message.

All this took place a couple of days after a French security researcher, who'due south popular by his Twitter alias Elliot Anderson, discovered a major flaw in the internally accessible sub-domains of BSNL that gave him access to a database of 47,000 employees. In fact, this latest hack was also highlighted by the researcher who urged hackers to notify government officials of whatsoever security drawback instead of defacing a website.

But this set on on BSNL was partially a mockery, partially a class of protest against Indian It Human action of 2000 which allows upstanding hackers to be prosecuted for finding out vulnerabilities in government and other publically relevant websites. Elliot also found another sub-domain on BSNL'south network disrupted by another hacker.

I found 2 hacked @BSNLCorporate subdomains this morn.

Please. Don't do that.

If you are skilled enough to deface websites, it's crawly. But please don't do it.

Alert the concerned owners, give them a risk. If they don't answer, let's discuss, I probably can aid. pic.twitter.com/XmVfpEt6c6

— Baptiste Robert (@fs0c131y) March 6, 2018

This hack beats BSNL'south claims about beingness "fully geared up to prevent any information loss related to its employees, customers or stakeholders". The telecom operator, which is yet to roll out 4G services widely in the country, boasted confidently of its "latest engineering" equally well as "full secure data centres" in a press release while responding to findings past Alderson. Though at present it seems these claims now prevarication under the rubble of the visitor's shattered reputation.

What is even more than absurd that the hack could have been prevented had BSNL taken these claims seriously. Two years agone, an IIT Guwahati alumnus Krishna Kothapalli had tried to achieve out to the telco, informing them of the vulnerability in the employee database, but did not receive whatsoever reply.

For now, in that location seems to be no respond from BSNL over Twitter or via the press. Moreover, in that location is no data near whether these miscreants only sabotaged the forepart page of operator's website or stole data likewise. The website has now been restored.

Source: https://beebom.com/bsnls-website-hacked-again-by-real-hackers-this-time/

Posted by: fosterithen1937.blogspot.com

Share this post