Hackers target national portal of India via ‘unprecedented’ phishing technique

Cyber-security researchers on Thursday said they have discovered an “unprecedented, sophisticated” phishing technique that has been targeting government websites across the world, including Indian government’s portal https://india.gov.in, extorting the affected users.

The threat actors have been targeting the Indian government’s portal by utilising a bogus URL to trick users into submitting sensitive information such as credit card numbers, expiration months and CVV codes, according to AI-driven cyber-security firm CloudSEK.

Hackers are imitating the browser window of the Indian government website, most often SSO (single sign-on) pages, with a unique login, in a most-advanced phishing technique commonly known as Browser-in-the-Browser (BitB) attack.