After the Registration Department’s Admin Access Was Put Up for Sale on Instagram for Just 25,000

Kathmandu: The Sushila Karki-led government formed after the Gen-Z uprising was focused on completing the election. While the government was adopting various strategies to encourage eligible Nepali citizens to vote, a series of cyberattacks on government systems began. This was around the month of Kartik.

At the same time, a video was released on Telegram from a channel called ‘Nepali for Nepal’. The video, which used the national anthem in a different style, claimed that main web access to the Election Commission website had been obtained. After the commission denied that its website had been hacked and termed the claim misleading, the hacker group attempted to back its claim by releasing the video as evidence.

Meanwhile, on 1 Mangsir 2082, controversial medical practitioner Durga Prasai was arrested. Soon after, the hacker group threatened to attack government websites if Prasai was not released within 24 hours. They claimed to have already deleted more than 600 pages from the Election Commission website and warned that all data would be destroyed if their demands were not met.

While voters were busy preparing identity cards and updating details for the elections scheduled for 21 Falgun, unverified reports that pages of the commission’s website had been deleted spread panic among citizens.

In the meantime, the group claimed to have hacked the websites of the Civil Aviation Authority and the Revenue Investigation Department.

Since online voter registration based on the national identity card number began on 27 Kartik, pressure on the commission’s website increased and it began going down frequently. Taking advantage of this situation, on 2 Mangs, the ‘Nepali for Nepal’ group turned its attention to the website of the National Identity Card and Registration Department.

Again demanding the release of Durga Prasai, they hacked the department’s website and placed their ‘signature banner’ inside it. They repeatedly released videos threatening to delete and make public all departmental data. Following this, unauthorized access was gained to the websites of the Nepal Electricity Authority, the Road Department, and Mirmire Microfinance. Links were leaked on Telegram as evidence.

As government websites came under daily attacks, the Cyber Bureau of the police launched an investigation based on complaints filed by the Nepal Medical Council, the Registration Department, and the Election Commission. During this period, Santosh Chimaria, 20, of Jhapa, was arrested on 28 Mangsir 2082. Bikash Poudel, 19, was arrested on 18 Poush.

What Is the Involvement of the Arrested?

The District Government Attorney’s Office, Kathmandu, filed a charge sheet against the two youths at the Kathmandu District Court on 23 Poush 2082 under the Electronic Transactions Act, 2063. According to the charge sheet, police identified a phone number used by a Telegram channel that had repeatedly claimed responsibility for hacking government websites. Based on that number, Santosh Chimaria of Jhapa was identified.

Police said that during the investigation of Chimaria’s phone, several Telegram channels were found running on the app. These included Genji Rising Nepal, Ctrl Nepal, and Genji Nepal.

In his statement, Chimaria said he met Bikash Poudel while working in Kathmandu. The two became friends during their interactions. Chimaria stated that Poudel told him he could work online and that Telegram was required for it. He said he provided his number and an OTP code when Poudel asked him to create a Telegram account. Chimaria claimed he was unaware of what happened afterward. “I only learned about all this after the police suddenly arrested me in Kathmandu,” he said.

Meanwhile, according to Bikash Poudel, a friend named ‘Vikrant Chaudhary’ had also asked him for a Telegram ID. Poudel alleged that Chaudhary operated groups such as Genji Rising Nepal and Genji Nepal.

According to Poudel, Chaudhary hacked the website of the National Identity Card and Registration Department. He made a video showing internal details, news, and documents from the department’s system and posted it on Telegram. “I had been receiving IT knowledge from Vikrant Chaudhary,” Poudel said in his statement. “While learning from him, he sent me a screenshot of the admin panel of the National Identity Card and Registration Department on Instagram. He later put it up for sale from his Instagram ID for $250.”

Poudel further stated that Chaudhary later offered to sell the username and password of the Registration Department website for 25,000 rupees. When the offer came up, Poudel informed his close friend Sandesh Aryal. When Sandesh showed interest in buying it, Poudel introduced them on WhatsApp.

When the Cyber Bureau took the accused into custody, they seized one repeater, four laptops, 10 Android phones, one iPhone, and one bar phone.

According to Cyber Bureau spokesperson Superintendent of Police Deepak Raj Awasthi, the accused were also operating Telegram channels named CMD Nela and Nepali for Nepal (NFN). He said most Telegram channels that attacked government websites and threatened to leak data after the Gen-Z uprising were linked to the accused. “In this hacking incident, it appears that they were also being operated by someone else,” Superintendent of Police Awasthi said.

The accused Chimaria, Poudel, and Chaudhary have been charged under Sub-section (1) of Section 47 of the Electronic Transactions Act, 2063 BS. Authorities have demanded punishment accordingly.

 

पछिल्लो अध्यावधिक: पुस ३०, २०८२ १४:१७

टिप्पणीहरू