Dawnofdevil hacker group hits Indian organizations

esteria.white

The hacker group known as “Dawnofdevil” has emerged as a threat actor, actively targeting Indian organizations, including government entities.

Operating prominently on BreachForums, this group recently expanded its activities to compromise the security of the Indian Income Tax Department and to steal the data of millions of users of the popular ISP Hathway.

Under the pseudonym “dawnofdevil”, an unidentified individual claims to have infiltrated the security of the Indian Income Tax Department. The hacker alleges to have gained access to an email account hosted on the revenuetax.gov.in domain, paving the way for unauthorized registrations on various websites affiliated with the Indian government.

Dawnofdevil hacker group targets several victims

Although the implications of this security breach are potentially broad, concerns about the confidentiality and integrity of sensitive information within the Income Tax Department remain to be confirmed.

Dawnofdevil hacker group
Source: Twitter

The hacker set a price of US$500 for access to the compromised email, actively seeking potential buyers through private channels.

Income Tax Department of India
Source: Twitter

On December 22, 2023, dawnofdevil announced the successful hack of Hathway, a leading broadband internet and cable TV service provider in India.

The hacker claims to have acquired the personal data of 41.5 million customers, including sensitive information such as names, addresses, phone numbers, email addresses and even password hashes.

Hathway data leak
Source: Twitter

The data, available for sale for US$10,000, includes not only user details but also access to MySQL and Oracle databases, totaling over 400GB of data and over 800 tables containing production data. Additionally, the hacker has over 4 million KYC documents, containing full names, Aadhaar numbers, PAN cards and other national identity details.

Sample Data and Dark Web Portal

Dawnofdevil further shared samples of compromised data, demonstrating the scope of information at risk, including full names, physical addresses, phone numbers, email addresses, user IDs, account IDs, password hashes, IP addresses, etc.

To facilitate the sale and possibly enable targeted searches, the malicious actor set up a Tor website where individuals can search for data entries using mobile numbers and email addresses.

The Dawnofdevil hacker group poses a serious threat to the security and privacy of Indian organizations and individuals. With the allegedly affected organizations investigating the breach and the data of millions of Hathway users at stake, the importance of robust cybersecurity measures cannot be overstated.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber Express assumes no responsibility for the accuracy or consequences of the use of this information.
