Numerous Indian government websites remain compromised and are still redirecting users to scam-related platforms, months after the initial report and despite earlier warnings. Worryingly, the compromised pages have been indexed by major search engines like Google.
TechCrunch recently identified over 90 compromised URLs from “.gov.in” domains associated with various Indian government departments, including the Indian Council of Agricultural Research, India Post, and state organizations from Haryana and Maharashtra.
These compromised links have been used to direct users to malicious online betting and investment scam websites, increasing the risk for unsuspecting internet users.
This is not the first time such issues have arisen. Back in May, TechCrunch reported approximately 40 Indian government website links that were similarly exploited to redirect traffic to online betting platforms.
Following the initial report, the Computer Emergency Response Team (CERT-In), India’s national cybersecurity agency, escalated the matter to address the problem. However, it remains unclear whether the vulnerabilities in the websites have been fully resolved, as the issue has resurfaced.
This week, Deedy Das of Menlo Ventures flagged the ongoing problem on the social media platform X, highlighting how prevalent these hacked pages have become.
EXCLUSIVE: 200+ Government of India websites have been hacked!
From Google, they now redirect to vc66 [dot] net, a domain registered on Dec 21, 2024. It's an online money-making scam but links to malware—an attack called SERP hijacking.
Search [site:*.gov.in fast cash] to see. pic.twitter.com/9fNjYuOt13
— Deedy (@deedydas) January 6, 2025
According to cybersecurity researcher Bob Diachenko, the root of the problem could lie in vulnerabilities within the websites’ content management systems (CMS) or server configurations.
This persistent issue sheds light on the critical need for Indian government websites to implement a robust cybersecurity strategy. Without addressing the foundational gaps in their systems, these websites remain vulnerable to repeated exploitation, jeopardizing public trust and security.
The continued susceptibility of official domains such as "gov.in" underscores the urgent need for a more proactive approach to ensure secure website infrastructure. Meanwhile, India published a draft with data protection rules for review.