Has the Delhi International Arbitration Centre’s website been hacked?

Vasudha Misra & Anuj Agrawal

With the push towards a “digital” economy, concerns over cyber security are certainly on the rise. The latest victim of a “hack” is the website of the Delhi International Arbitration Centre, established  by the Delhi High Court way back in 2009. The breach was discovered by RMLNLU graduate Prasang Shukla, while going through the DIAC’s website.

Shukla posted details of the hack on Facebook, stating that the DIAC website’s homepage has “a link to an Android app that lets you hack into other apps”. The Android app in question is the Lucky Patcher APK, the link to which has been sneakily placed on the DIAC homepage.

The lucky patcher apk lnk on the DIAC homepage
The lucky patcher apk lnk on the DIAC homepage

The Lucky Patcher APK homepage, meanwhile, was last updated on November 21 this year, suggesting that the DIAC breach took place at least one month ago.

 Notice the detailed instructions given.

screenshot_20161219-170909

But that is not the only “strange” link that has found its way onto the DIAC website. Perhaps to cater to those who seek relief of the musical variety, the DIAC homepage also has a link to a piano reviewing website.

DIAC and Piano Reviews
DIAC and Piano Reviews

Another link that makes a presence on the DIAC website is that of “Semrush coupons”; this one is hidden away in the DIAC’s About Us page. Incidentally, Semrush is an SEO optimisation tool.

Semrush coupons on DIAC's About Us page
Semrush coupons on DIAC’s About Us page

So just who is responsible for maintaining the site? If one were to call on the number listed on the site, one would be only told that the cyber security responsibility was given to a ‘private company’. No details were provided, nor was there any confirmation whether the DIAC was aware of the breach.

As per information on the DIAC website, the site was designed and developed by Hollywood Login, a part of Hollywood Multimedia, copyrighted as of 2010. It is unclear whether they are still in charge of the DIAC website.

Of course, this is hardly the first instance of security gaps in our country’s official websites. Far from it. In the past few months, several instances of major websites being hacked have come to light.

On August 3 this year, the GNLU website was hacked by self-proclaimed “anti Modi hackers”, with a group called ‘Hexlook’ claiming responsibility. Months later, on October 3, there were reports that the website of the National Green tribunal was the latest to fall prey to the ‘cyber war’ ignited by India’s surgical strikes across the border, a fate that was to be shared by the website of the Government Law College in Mumbai a week later.