Skip to content

Jal Kal Lucknow’s website links to a browser-hijacking scam

  • by
  • 4 min read

The homepage of the Jal Kal (Water Works) department of UP’s capital city’s Municipal Corporation links to an Indonesia-based lottery scam website named Sekolahtoto. The website (jklmc.gov.in) has an External Link section on the homepage, and the UP Jal Nigam link (www.upjn.org) redirects to a page promoting the lottery scam.

The only four links in this section that seem to work properly are to the Government of Uttar Pradesh, its Urban Development Department, Nagar Nigam, and UP Local Body Directorate. A possible reason for being greeted by a lottery website instead of UP Jal Nigam’s homepage could be URL hijacking.

The scam website is a browser-hijacker

A browser hijacker is a malicious program that can modify the browser’s settings and redirect it to other malicious websites that the person never wanted to visit — all without their permission and in some cases in the background without their knowledge.

The upjn.org redirects to this website instead of UP Jal Nigam

Clicking on the School of Toto or Register Here (Daftar Disini) links led us to a website that first blocked us and tried to hijack our browser when a VPN was added to the mix.

The registration page leads to this website that tried to hijack our browser — sekolahweek(dot)com/skhurl/brand/

All but two internal link anchor texts pointing to the same link on the Upjn Sekolahtoto website don’t work, including the Catalog, Contact, or Cart buttons. The website has a quantity button, but whatever they’re selling appears to be sold out, indicating that this is a phishing link or, in an even worse case, a malware and spyware dropper or browser hijacker.

The website does have a ‘Powered by Shopify’ link on the footer, which simply redirects to the Shopify website.

The Jal Kal website’s External Link page also confirms that the upjn.org link is, in fact, being linked to UP Jal Nigam.

External Link page on the UP Jal Kal website with links to various organisations.

The URL linked to UP Jal Nigam’s website can also be seen in the page’s source code.

An extract of the source code of the Jal Kal Lucknow website — jklmc.gov.in

The dire state of cybersecurity in India is well known; on Thursday, a ransomware attack crippled over 300 small Indian banks dependent on C-Edge. Last month, Indian cryptocurrency exchange WazirX lost $230 million in a cyberattack and an SMS-phishing scam targeting tens of thousands using India Post’s name.

While the government continues to promote online payments and invest in digital infrastructure, security is paramount. Significant investments will need to be made to secure government apps and websites to ensure the security of the citizens accessing them — and even paying bills via them in some cases.

In the News: Twilio shuts down Authy Desktop app, users face disruption

Prayank

Prayank

Writes news mostly and edits almost everything at Candid.Technology. He loves taking trips on his bikes or chugging beers as Manchester United battle rivals. Contact Prayank via email: prayank@pm.me

>