Some Indian government websites have allowed scammers to plant advertisements capable of redirecting visitors to online betting platforms.
TechCrunch discovered around four dozen “gov.in” website links associated with Indian states, including Bihar, Goa, Karnataka, Kerala, Mizoram and Telangana that were redirecting to 在线投注平台. Some of those websites belong to state police and property tax departments in the respective states. The scammy links were easy to find online, because it indexed by search engines, including Google, making the ads.
The redirecting websites, touted as “Asia’s most popular online betting platform” and “the number one online cricket betting app in India,” claim to allow betting on games, including cricket tournaments such as the Indian Premier League.
It’s not clear when and how the scammers planted the ads on Indian government pages .
Earlier this week, TechCrunch discovered this issue and promptly informed India’s Computer Emergency Response Team, or CERT-In, about the oversight. They also provided links to a few affected state government websites for reference.
Subsequently, the Indian cyber agency acknowledged receipt of the email. On Thursday, CERT-In confirmed that they had escalated the matter.
“We have taken up the issue with the concerned authority for appropriate action,” stated the agency in an email response. It remains unclear whether the flaw allowing backdoor access to state government websites has been addressed.
In a similar incident last June, TechCrunch reported that scammers had advertised hacking services on U.S. government websites due to a security flaw in the government’s web content management system software. Some of these ads had been online for years.