- India
- International
More than three months after programmers identifying themselves as Pakistan Cyber Army hacked its website and posted several comments,the Central Bureau of Investigation (CBI) has zeroed in on two portals in the US and one in Latvia that were used for defacement. Moving a Delhi Court with Computer Emergency Response Team-India (CERT-In) report,the CBI has obtained permission from Chief Metropolitan Magistrate Vinod Yadav to approach authorities in the US and Latvia for collecting required information from technical incharge/ administrators/ web managers of the said portals. Their statements will be recorded so as to ascertain the users of the said IP addresses and to find out information pertaining to the hackers identity.
According to the report,the December 3 attack on the CBIs website had originated from the host IP address located at US and was used on that day at four different time periods between 5 and 10:10 pm,IST. The Who is details for the IP revealed that it belongs to Amazon.com Inc.,Amazon Web Services,South,Seattle,USA, stated the report. Adducing the investigation report into the case registered under the IT Act,the CBI said that one more IP address was found involved in the hacking. Another IP address has been found to be linked to the said defacement and Who is details of the same revealed it to be assigned to Network Operations Center Inc,Scranton,Pennsylvania (PA),US, read the report. This IP address,as per the CBI,was used for the first time in November,2010 and subsequently,on December 6,two days after the attack.
Narrating the modus operandi,the report stated the hackers accessed database server of the CBI website and managed to modify the database entries. The TITLE filed was replaced with a link containing hackers message and hence,their message was displayed in place of the actual news item in the website. The IP address reportedly led to DEACDCRIGAHOSTINGNET,Digitalas Ekonomikas Attistibas Centres 24 J. Riga in Latvia,while the free URL guided to Daugavpils,Latgale LV5401,Latvia.
Moving the court,the CBI sought issuance of letters of request to the US Department of Justice and Latvias Ministry of Justice for legal assistance. The CBI said that it was essential to get the user details of the three IP addresses in order to locate and ascertain the present whereabouts of the users and examine them on their role in the hacking. The application stated that besides drawing out necessary information from the incharges of the web portals to elicit names,addresses,e-mail addresses and other details of the users,certain documents and articles were also to be collected.
The CBI added that since India has an extradition treaty with the US,there would not be legal problems in conducting the prosecution. Along with the application,a letter of the Indian governments Ministry of Home Affairs showing assurance of reciprocity with the Ministry of Justice,Latvia,was also filed by the CBI.