Indian government websites have fallen victim to scammers planting advertisements that redirect visitors to online betting platforms. TechCrunch uncovered around four dozen “gov.in” website links associated with Indian states like Bihar, Goa, Karnataka, Kerala, Mizoram, and Telangana that were leading unsuspecting visitors to online betting platforms. Shockingly, some of these websites belong to state police and property tax departments.
The scammy links, which were indexed by search engines like Google, promoted online betting platforms claiming to be “Asia’s most popular” and “the number one online cricket betting app in India.” These platforms allowed betting on various games, including cricket tournaments like the Indian Premier League.
It remains unclear how the scammers managed to plant these ads on Indian government pages and for how long the links were redirecting visitors to the online betting platforms. TechCrunch promptly alerted India’s Computer Emergency Response Team (CERT-In) about the issue, providing affected state government website links for reference.
CERT-In acknowledged the receipt of the email and confirmed that they had escalated the matter. They stated, “We have taken up with the concerned authority for appropriate action,” in response to the alarming discovery. However, it is uncertain whether the flaw allowing backdoor access to state government websites has been rectified.
This incident is reminiscent of a similar security flaw reported last June, where scammers had placed ads for hacking services on U.S. government websites. It is crucial for government agencies to prioritize cybersecurity measures to prevent such breaches and protect visitors from falling prey to malicious activities online.