UPSC website compromised

12th May 2009
UPSC website compromised

The website of the (Indian) Union Public Service Commission ( www.upsc.gov.in )  has been  the victim of a malicious cyber attack., the San Jose, California (US)-based  web security solutions provider, Finjan, says in its blog. 

The site appears to have been injected  with a Fiesta attack toolkit. When triggered  by a user's PC that runs Internet Explorer,  it   infects the computer  using seven different techniques.
 
The malware seems to have originated from a server in Poland finds Finjan.  The company's Chief Technology Officer  Yuval Ben-Itzhak  adds that the toolkit can be bought for  around $ 300.  Finjan  has immediately notified  the Indian Computer Emergency Response Team (CERT)  the May 10  blog says. 

However when  IndiaTechOnline  checked on May  13,  the Google search engine  still says "This site may harm your computer" and explains: "This warning message appears with search results we've identified as sites that may install malicious software on your computer".  This may put off thousands of visitors to the site.
 
The UPSC site is very popular  with those checking for Indian government jobs and looking for results of public  recruitment exams held on behalf of government agencies including the Indian Civil Services.
 
Link to the Finjan blog:
http://www.finjan.com/MCRCblog.aspx?EntryId=2249

 

( Bangalore May 13 2009)