Indian Government Emails Found Wandering on the Dark WebByBill Toulas-February 1 2020 1668 Although emails may have been exchanged by crooks for quite some time, this has just been found out. It is time for vital government entities to use physical security keys 2Fa and even better 2Sv. Researcher Sai Krishna Kothapalli has discovered on the dark web 3202 email Ids belonging to people working on the Indian government and various state organisations. For the past four years, the infosec expert has been gathering data from dumps on the dark web, creating a humongous 1,8 billion email Ids and password database. According to him, about 85 per cent of the passwords he holds are in plain text form, while others have been dehashed over the years by hackers. Kothapalli recently found some ending with “.gov.in” after analysing this data trove. The 365 email Ids belong to the ‘ Atomic Research Center Indira Gandhi ‘ staff. The ‘ Bhabha Atomic Research Centre ‘ with 325 email Ids is trailing just behind. The “Securities and Exchange Board of India” with 157 emails is in third place. In total, as shown in the graph below, the 3202 emails belonging to 12 entities 1669 The researcher is still investigating the data and is in the process of contacting government agencies to alert them of his findings. He points out that when he began investigating this, someone who posed as a reporter for Ndtv approached him. After further investigation he found that in the previous months the email accounts used to reach him had been hacked and that this was due to North Korean hackers by reports from back in time. The North Korean hackers sent hacking emails to the former chairman of India’s Atomic Energy Commission(Aeci), the secretary to India’s government and the director of the Bhabha Atomic Research Center(Barc). Pic.twitter.com / Ucv01aCq2X IssueMakersLab (@issuemakerslab) November 2 2019 This could all be the work of state-sponsored North Korean security key players.
Author Jeanne Higgins