Seqrite, an enterprise brand of security firm have discovered an advertisement on the darknet which claims to have access to servers and database dump of an unspecified internet registry.
Seqrite, an enterprise brand of security firm have discovered an advertisement on the darknet which claims to have access to servers and database dump of an unspecified internet registry. On further investigation, it was found out that the unspecified registry was IRINN-Indian Registry for Internet Names and Numbers which comes under NIXI(National Internet Exchange of India). IRINN is the National Internet Register Agency which provides allocation and registration services of IP address in India. Leaked Data contain information of around 6000 Indian enterprises which includes government organizations like banks and other major organizations. Rohit Srivastwa, Senior Director, Cyber Education, and Services at Quick Heal said that “We have alerted the government authorities well within time. If someone gets control over this massive data that is currently up for sale on DarkNet, the above-mentioned organizations and enterprises can get affected.” Hackers also claim to have access to a large database of Asia Pacific Network Information Centre(APNIC) and some business documents and credentials. According to researchers, the hackers are asking for 15 Bitcoin (41.89 lakh) for the information in dark web and also offer to take down the network of that 6000 organizations for an unspecified amount.Seqrite has asked government bodies and APNIC to alert all organization about the threat and take appropriate measures to prevent further damage.Now at the time of writing this news, the National Internet Exchange of India (NIXI) has denied the reports of the breach in IRINN in an official statement which is given below:
“NIXI hereby clarifies that there has been no serious security breach of its IRINN system, as it has a robust security protocol in place. The hacker has no capacity to cause any damage or initiate distributed denial of service to any entity who has been allocated Internet resources through IRINN System. There was an attempt to penetrate the system and hacker was able to collect some basic profile information of the contact persons of some of the affiliates which were displayed by him on the darknet.”They also assure that the existing security protocol of NIXI is robust and capable of defending such attacks. The security protocols have been strengthened further following the reports of a massive data breach in IRINN.