On November 8, 2024, a security breach on the Hyderabad Metropolitan Water Supply and Sewerage Board (HMWSSB) website, ‘hyderabadwater.gov.in,’ in India resulted in the site being exploited by hackers to spam Google News with gambling-related content. The HMWSSB website is primarily used by Hyderabad residents to pay their water bills online. However, due to a vulnerability in the website’s system, attackers managed to inject malicious code into the site, redirecting users to online betting platforms, including one linked to betwww20.com.
The breach was first noticed when gambling and casino links began trending in the Google News technology section, specifically in the latest news tab. These links were marked as legitimate news content but were actually promotional redirects. While one sub-section displayed links related to gaming codes for Garena Free Fire MAX, the majority were from the compromised HMWSSB site, effectively promoting online betting and casino platforms. The hacker’s actions have exposed serious flaws in the way Google News handles content and how vulnerable government websites in India can be to cyberattacks.
The method behind the attack is believed to be a Structured Query Language Injection (SQLi) attack, a common website hacking technique. This type of attack occurs when malicious SQL code is injected into a website’s database query system through vulnerable input fields. These vulnerabilities are often found when websites fail to properly validate or sanitize user inputs before using them in SQL queries, allowing attackers to manipulate the site’s database and perform unauthorized actions.
The impact of this attack goes beyond just the compromised HMWSSB website. It highlights a broader issue of cybersecurity within government portals in India and the potential risks associated with platforms like Google News. The hackers were able to manipulate Google News’ algorithm, raising questions about the platform’s security measures and content filtering systems. As the investigation continues, both the compromised website and Google News will likely face increased scrutiny to prevent similar incidents from happening again.
Reference: