Several Indian government websites are still permitting scam links to be planted on their official domains, months after the issue was initially discovered.
Over 90 “gov.in” website links tied to various Indian government departments, including organizations like the Indian Council of Agricultural Research, and India Post, as well as state governments and councils in Haryana, Maharashtra, and other regions, have been found redirecting users to websites promoting online betting and investment scams. These harmful links are also indexed by search engines like Google, which amplifies the risk of unsuspecting internet users encountering them.
In May, it was reported that several Indian government websites were redirecting users to online betting platforms. India’s cyber agency, CERT-In (Computer Emergency Response Team), escalated the issue at the time. However, it remained unclear whether the government had fixed the underlying flaw that the scammers were exploiting to plant their links.
This week, Deedy Das from Menlo Ventures and others raised concerns on social media about the issue resurfacing, indicating that the hacked pages are widespread.
Security researcher Bob Diachenko suggested that the issue may have returned due to a compromise in the websites’ content management system (CMS) or server configurations. He noted, “If only the symptoms (e.g., malicious content) are removed without addressing the root cause (e.g., vulnerability or backdoor), attackers can reintroduce the issue,” adding, “It is not a very challenging exercise but requires some downtime and efforts.”
Earlier this week, a few affected links were reported to CERT-In, but the agency did not respond. However, the links began showing a “page not found” error around the time of publication.
