Some Indian government websites continue to allow scammy link planting on official domains – months after TechCrunch reported the problem last year. TechCrunch found more than 90 “gov.in” website links linked to Indian government departments, including the Indian Council of Agricultural Research and India Post, as well as the state governments and councils of Haryana and Maharashtra and others, pointing to sites related to online. betting and investment scams. Search engines like Google have indexed scam links hosted on government sites, increasing the risk of ordinary internet users finding them. Some search results show a compromised Indian government website which is a scam site. In May, TechCrunch reported that around forty Indian government website links were redirected to an online betting platform. India’s cyber agency, the Computer Emergency Response Team, known as CERT-In, escalated the issue at the time. However, it is not clear whether the government has fixed the fundamental flaw that scammers are exploiting to plant links. Deedy Das of Menlo Ventures, among others, posted on the X social media platform this week about the resurgence of the problem, suggesting that the hacked page has spread. Security researcher Bob Diachenko told TechCrunch that the problem may have resurfaced due to a compromise in the content management system (CMS) or the website’s server configuration. “If only the symptoms (for example, malicious content) are removed without addressing the cause (for example, vulnerabilities or backdoors), the attackers can reintroduce the problem,” said Diachenko, adding, “This is not a very difficult exercise but it requires some downtime and business.” Earlier this week, TechCrunch contacted CERT-In with some of the affected links.The agency did not respond to the email, although the links started showing “page not found” errors at the time of publication.
