The Homepage of BSNL ( Bharat Sanchar Nigam Limited ) http://www.bsnl.co.in/
was hacked today morning by hacking group Anonymous. BSNL is an Indian
state-owned telecommunications company, the largest provider of fixed
telephony and fourth largest mobile telephony provider in India, and is
also a provider of broadband s
ervices.
The website's homepage was hacked saying, " Hacked by Anonymous India,
support Aseem trivedi (cartoonist) and alok dixit on the hunger strike,
remove IT Act 66a, databases of all 250 bsnl site has been
deleted.............Do not think of BACKUP" with a images of Mr. Aseem
while he was arrested by Police.
Hack was performed by
Anonymous India hacking group and claiming to hack whole server, with
250 Databases. Hacker wrote on deface page, that they deleted all the
databases and dump credentials of BSNL database servers in a pastebin
File.
Ⓐ Analyzing the dump of database
After analyzing the
dump of database login information, we found that company is really
unconscious about their security from several years and choosing
passwords of sensitive servers like "Password123" , "p3nib2",
"enquiry999" , "password" , "DelBSi666" , "vpt123". Most obvious, these
passwords are easily available in any wordlist and can be bruteforced in
minutes.
We can judge the lack of security from the point that, BSNL is using "Password123" as password for 9 Databases.
Ⓐ What is Section 66A of IT Act ?
According to Indian Laws, Section 66A of IT Act is Punishment for sending offensive messages through communication service --
1.) any person who sends, by means of a computer resource or a communication device.
2.) any information that is grossly offensive or has menacing character
or any information which he knows to be false, but for the purpose of
causing annoyance, inconvenience, danger, obstruction, insult, injury,
criminal intimidation, enmity, hatred or ill will, persistently by
making use of such computer resource or a communication device.
3.)
any electronic mail or electronic mail message for the purpose of
causing annoyance or inconvenience or to deceive or to mislead the
addressee or recipient about the origin of such message.
shall be punishable with imprisonment for a term which may extend to three years and with fine.
Ⓐ Why Anonymous Hack BSNL ?
Reason 1 : Last Month two girls - Shaheen Dhada and Rinu Shrinivasan -
were arrested for posting comments made by them on Facebook against
Maharashtra Navnirman Sena chief Raj Thackeray. This arrest was under
Section 66A of IT Act.
Reason 2 : The Mumbai police arrested Mr
Trivedi, a member of the India Against Corruption or IAC, he had put up
banners mocking the Indian Constitution during an Anna Hazare rally in
Mumbai. The arrest was carried out on the basis of a complaint filed by
Amit Katarnayea, a legal advisor for a Mumbai-based NGO. Trivedi has
been booked under IPC Section 124 A for sedition, Section 66 A of IT Act
and under National Emblem Act, 1971. Here are some of the controversial
cartoons posted by Trivedi, followed by a nation-wide protest.
Reason 3 : Its an old reason , Against Censorship ! Few days back The
Web site of Communication and Information Technology Minister Kapil
Sibal was also hacked by Anonymous India for same reason.
