The Railway Protection Force (RPF) in India’s South West has exposed an array of cyber attacks on the online ticketing services of Indian Railways. The attacks are linked to apps allowing users to reserve seats, and confidential one-time-passwords which are sent to users by banks to facilitate online fare payments.
According to media reports citing an anonymous official, around 100 panel developers and software brokers have been arrested across the country, and the software codes in their possession have been destroyed by railways officials. Around 25,000 hacks have reportedly been detected.
Investigations into the racket have been ongoing since 2019, with one person involved in the scam reportedly fleeing from Bengaluru to Odisha.
“In January 2020, his whereabouts were tracked to Kendrapara in Odisha where he was arrested and brought to Bengaluru for further investigation by Bengaluru RPF team,” the media reported a railways official as revealing.
The arrested lead in the case was found to have been using Pakistani software to carry on the hack and book unauthorized e-tickets through the official app of Indian Railway Catering and Tourism Corporation (IRCTC), obstructing genuine passengers from booking their seats. The arrested was also found to be using Bitcoin and cryptocurrency links and 3,000 bank accounts.
“Passengers could not book e-tickets through IRCTC personal identities as within seconds of opening, the tickets would vanish as the gang was using powerful software," the official said.
The Pakistani software being used by this cluster of hackers was of a high level, powered by the same kinds of Linux-based systems that were exploited to break into the applications of the Indian Space Research Organisation and other government organisations.
The access to use the software was illegally sold to the hackers by panel developers. The servers of these services have been traced to overseas locations.
The illegal money generated from the scam is being investigated to discover if any of it were used for document forgery, terror funding and cryptocurrency-backed money laundering.
Since the servers of the hack services have been tracked outside India, Indian Railways authorities are seeking an in-depth investigations as.
Indian intelligence agencies first probed the scam in September 2019 after which the Indian Railways were alerted.
In recent days, news of Pakistan-based hack attacks have made headlines. On 25 August, Pakistan-based hackers reportedly targeted the personal website of central Minister of State for Home Affairs G. Kishan Reddy on Indian Independence Day (15 August).