[ISN] Trai website tinkered, hacker still at large

From: InfoSec News (alerts@private)
Date: Mon Oct 02 2006 - 23:01:11 PDT


http://www.financialexpress.com/fe_full_story.php?content_id=142235

By HARSIMRAN SINGH
October 03, 2006

The website of the Telecom Regulatory Authority of India (Trai) has been 
hacked. A hacker (code-named - Pablin 77) broke through the 
administrative access to the regulator's server on Saturday and tinkered 
with some of the links of the website. FE alerted Trai about the hacking 
on Monday.

The hacker is still at large and the telecom regulator plans to lodge a 
FIR.Defacing of Indian websites is at an all time high right now, says a 
report by the Computer Emergency Response Team (CERT-IN) which tracks 
such incidents. About 1,311 Indian sites were defaced in July 2006 
against only 151 in January this year. The recommendations and 
directions sections on the website (Trai.gov.in) when clicked, opened a 
window saying - "Pablin 77 was here."

Pablin 77 is an international hacker who targets only government 
websites. In the past, Pablin 77 had attacked the government websites of 
Uruguay, Germany, Holland, China, Ethiopia and most recently the website 
of the Republic of Philippines on September 24. Most of the links on the 
sites were changed to "h4x0r3d Pablin77 Was Here!!!" and the site was 
put offline.

Pablin 77, however, is a low-profile hacker, said Captain Raghu Raman, 
CEO, Mahindra Special Services Group. "Top hackers figure in the age of 
35-45 years and keep a very low profile. However, Pablin seems to gain 
monetary mileage by leaving his message," he added. The attack could be 
serious because the server is based in Trai premises, said experts.

"Through the malicious code the hacker could download a trojan on 
machines which could help gain access to sensitive Trai data," said 
Srikiran Raghavan, regional head of RSA Security. "The attack on the 
Trai website clearly showed that adequate security measures were not in 
place. The site was attacked during the holiday season to prevent quick 
response and thus gain more publicity," said Trend Micro's country head 
Niraj Kaushik.

The Trai website was redesigned by Delhi based Planet E-com Solutions 
just a few months back. Trai officials said that the site's "press 
release" section was hacked a few days before the 3G recommendations 
were announced. However, that was discovered and set right by the 
regulator.


_________________________________
Donate online for the Ron Santo Walk to Cure Diabetes!
http://www.c4i.org/ethan.html



This archive was generated by hypermail 2.1.3 : Mon Oct 02 2006 - 23:09:00 PDT