Is India's DoT site hosting malware?

[Ceres]

The website responsible for telecommunications in India is currently compromised and seems to be hosting malware - see: Department of Telecommunications website in India is blacklisted by Google.

I checked the site on Google today and it still shows the message: "This site may harm your computer."

Apparently, malicious software is being downloaded without the user's consent. The software hosts two trojans. Obviously, don't access the DoT website until it is removed from the blacklist.

Unfortunately, it's not the first time, Indian government computers have been infected. This time around, it's a different government department that's been impacted.

 

[abhishekjha]

dude any site that uses <iframe> codes are blacklisted by google whether or not they host malware in real. even my site cashlooker.com was blacklisted once but then i asked them for a site review an they removed it from blacklist after seeing that im not doing anything bad.

actually the google site advisory service in association witha another anti-badware organisation setup this. they problem is that the iframe code is potentially increases the danger of running some malware from remote servers like when you run ads from ceoads.com and increase the risk for visitors so they blacklist the site. so google blacklist that site automatically without looking into it unless the site admin doesnt contact them about it. and for india's DoT will ever contact google do you think? if they contact they will do it in very anger and in legal dispute but normally the indian DoT and babus dont care if you blacklist or whitelist them. coz they never loose anything with that. XD

but one good thing is that any badware site is blacklisted by google beforehand so that you know about it. this blacklisting is done only on firefox & browsers which use google toolbars but IE6 users who dont use google toolbar can see no such blacklist notice and can visit & use the site without any discomfort.

this was just for your information! hope it helps.

 

[Ceres]

this was just for your information! hope it helps.

Thanks for the info concerning iframes. I wasn't aware that they increase the chances of malware infection.

According to Google's report, they did test the DoT site - see: http://www.google.com/safebrowsing/diagnostic?site=www.dot.gov.in

...normally the indian DoT and babus dont care if you blacklist or whitelist them. coz they never loose anything with that. XD

If what you say is true, that's a really bad thing. The people whose computers are being infected definitely care...

 

[hosting]

---------------------
Malicious software includes 4 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.
Malicious software is hosted on 1 domain(s), including chura.pl
This site was hosted on 2 network(s) including AS9829 (BSNL), AS4758 (NICNET).
---------------------


Looks like the website is -
- hosted on a windows platform ;-)
- not being scanned or NEVER been scanned
- no antivirus software installed

- who cares ;-)

 

[Jeff]

Looks like the same thing has hit the website of the Chief Electoral Officer, Maharashtra:

Search in Google for: ceo.maharashtra.gov.in

 

[Ceres]

Update: Google no longer lists dot.gov.in and ceo.maharashtra.gov.in as suspicious sites.