Indian hackers may have acquired US government passwords
The Lords of Dharmaraja, a previously unremarkable Indian cybercriminal ring, has been making significant waves in the online security community in recent weeks. After allegedly obtaining the source code behind Symantec Security's antivirus solutions, the group is now claiming that it has uncovered plots by the Indian intelligence community to spy on U.S. diplomatic relations.
The sensitive government communications in question date back to April 2011, according to Reuters, and were included in a series of releases made by the Lords of Dharmaraja. However, authorities only became aware of the issue after the Symantec incident generated a deeper analysis of the group's nefarious activities. Upon further review, officials were alerted to the fact that several emails were addressed to a member of a U.S. government committee in charge of monitoring economic and security ties to China.
However, as is often the case in these circumstances, many are questioning the source of the material. India, Pakistan and China have all been the object of speculation, according to Reuters, but others insist the cybercriminals have created fraudulent intelligence memos to simply enhance the group's reputation.
"There is some malicious intent, but to try and work out who has done it, given the current nature of the internet, is an exercise in futility," cybersecurity specialist Cherian Samuel told the news source.
An an exclusive interview with InfoSecIsland, a Lords of Dharmaraja member known as Yama Tough revealed that India's tampering in U.S. government communications may go even deeper. The hacker provided the news outlet with a "small sample" of the data the group allegedly obtained from servers managed by the Indian Ministry of External Affairs, which included 68 sets of usernames and passwords to the compromised accounts of U.S. officials.
"In the best interest of the federal, state and local municipalities and their constituents, InfosecIsland will not publish the compromised account data," InfoSecIsland administrator Anthony Freed explained. "We have provided the information to the proper authorities and are fully cooperating with law enforcement."
Yama Tough also provided new insight into the ambitions driving the Lords of Dharmaraja. In the InfoSecIsland interview, the hacker explained that the release of Symantec's proprietary information and the U.S. government emails were regrettable, but may have been the only way to draw attention to the deeper online security threats posed by the Indian government.