Home
News Shots
Trending
Menu
×
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
Homeindiakarnataka

'Outdated' infra made it easy to hack govt portal: Sriki

His attempts to hack into the portal bore its first success when he gained access to bank credentials dealing with earnest money deposit (EMD) refund
kram Mohammed
Akram Mohammed
Last Updated : 29 December 2021, 21:56 IST
Last Updated : 29 December 2021, 21:56 IST
DHNS
Last Updated : 29 December 2021, 21:56 IST
Last Updated : 29 December 2021, 21:56 IST

Follow Us :

Comments

The government’s e-procurement portal was infiltrated by hacker Srikrishna Ramesh aka Sriki to access and decrypt bids of tenders of various departments before they are finalised.

According to the charge sheet filed by the CID cyber crime police station, Sunish Hegde and Hardik, who are said to be contractors, had asked Sriki to hack the portal to gain information of “certain tenders for which they were bidding”.

‘No monetary benefit’

In his voluntary statement, Sriki said “severely outdated” infrastructure of the Karnataka e-procurement website developed on an outdated web application framework allowed him to hack the sensitive government portal. He claimed that he did not receive any money from this hack, but benefited by enjoying a luxurious lifestyle.

“They (Sunish and Hardik) told me to decrypt bids for certain tenders for which they were bidding,” Sriki told CID.

EMD refund

His attempts to hack into the portal bore its first success when he gained access to bank credentials dealing with earnest money deposit (EMD) refund.

Using this, Sriki first transferred Rs 1.05 crore to a person identified as Susheel. And, Rs 20 lakh was encashed via hawala network.

“After this test transaction, I initiated a transaction at the behest of Hemanth Muddappa (another accused in the case) to an account.”

Of the Rs 18 crore for which the transfer was initiated, Rs 11 crore was successfully transferred and “I was promised Rs 2 crore on this,” the hacker said.

The hack was carried out while staying at a posh hotel in the city for four months.

“The initial bank transaction of (Rs) 1.05 crore, which I tested, was my idea and my idea alone. However, the larger (Rs) 11 crore transaction was the idea of Sunish and Hemanth, who were in dire need of money. Sunish appeared to be in some kind of financial trouble, which needed to be solved at the earliest, which was apparently a gambling debt,” the hacker said.

Sriki said that the “infrastructure of Karnataka e-proc website was severely outdated as the web application framework it was built on had “reached its end of life in 2017”. During the course of his hack, Sriki was able to identify several bugs in the portal, which allowed him to transfer EMD refunds to accounts of his choice.

These statements are part of the charge sheet filed by the CID cyber crime police recently.

Check out latest DH videos here

ADVERTISEMENT
Published 29 December 2021, 18:37 IST
KarnatakaCID

Deccan Herald is on WhatsApp Channels| Join now for Breaking News & Editor's Picks

Follow us on :

Follow Us

ADVERTISEMENT
ADVERTISEMENT