Who hacked Vijay Mallya, Rahul Gandhi's Twitter and what do they want?
Even as the prime minister tries to usher in a digital renaissance in India, a group of hackers is hell bent on making the netizen paranoid about their security. Just days after the famous hackathon that brought the Congress party to its knees, we see yet another attack, this time on Indian Industrialist on exile, Vijay Mallya.
 |
| Photo: Screengrab |
A group of hackers who call themselves “Legion” have claimed responsibility for all the hacks, as they tweeted out confidential details from the liquor baron’s Twitter handle. The group also provided several documents, which include Mallya’s passport, residency permit in the UK, domestic and overseas assets, letters etc. They even invited others to volunteer in their now “hacktivist” movement.
This streak of hacks, which initially looked like a teenager trolling India’s clown prince, has suddenly started taking the shape of a WikiLeaks-like movement. So, who are these guys?
The first thing one needs to look at, is the email address they provided: legion_group@sigiant.org
What is Sigiant?
Sigiant is a darknet email service that allows you to send and receive email without revealing your location or identity. They provide the service to help journalists, activists, etc. combat the dragnet surveillance that exists on the internet. These emails have limited storage space and expire after one year unless upgraded. All user data on Sigiant is housed in secret locations that are protected by the TOR network. They operate two publicly known servers that are just proxies and contain no user data. These proxies only tunnel mail from the clearnet back to the secret data warehouse using TOR, and vice-versa.
This brings up several other questions.
What is Darknet? What is TOR?
The Surface Web is anything that a search engine can find, while the Deep Web is anything that a search engine can’t find. The Dark Web is a small portion of the Deep Web that has been intentionally hidden and is inaccessible through standard web browsers.
The most famous content that resides on the Dark Web is found in the TOR (The Onion Router) network. The TOR network is an anonymous network that can only be accessed with a special web browser, called the TOR browser. This is the portion of the Internet most widely known for illicit activities because of the anonymity associated with the TOR network.
TOR’s name (Onion) is appropriate enough, given that it provides layers of encryption to conceal data as well as IP addresses, making user identity impossible to track. Almost impossible.
So, who are Legion?
Legion, by the looks of it, is a fledgling Anonymous-like hacktivist group. Hacktivists are people who gain unauthorised access to computer files or networks in order to further social or political ends. These groups have become more and more common in the last few years owing to paranoia of government surveillance, the rise of Julian Assange of WikiLeaks and the defiance of people like Edward Snowden.
Judging by the spree of attacks they have launched on the Indian National Congress, and now Vijay Mallya, it is easy to figure out their motive: attacking those who have a reputation for long-standing corruption. Their deftness with the hacks, and their use of the darknet services point towards the fact that they know what they are doing.
But Indians are not new to the Dark Web at all. Just recently, a gang of drug dealers were apprehended in Mumbai, who were using the Dark Web to make their deals.
What does this mean for other netizens?
While this group may be focusing on just the notoriously corrupt, safety on the internet has always been an issue. What was evident from the hack of Rachit Seth’s twitter account is that a two-factor authentication is unlikely to save your account and personal details, if people with this kind of skill-set are at it.
We’ve already seen a giant breach in banks. In October, a debit card hack hit major Indian banks such as HDFC Bank, ICICI Bank, Yes Bank, Axis Bank and SBI, compromising as many as 3.2 million debit cards. We know of security flaws in the Narendra Modi app that is full of sensitive data related to voters. What we need to worry about now, is being stringent about our own personal internet security.
Indians are not the most cautious about their data online and its time we change that. Complex passwords, different for every account, two-factor authentication, difficult personal questions and just general good internet hygiene and etiquette are just some things that we need to follow.
The rest, we can only hope that our countries cyber-cell gets the much needed update, so that hackers, trolls and phishers are caught swiftly before too much damage is done.