The hacker group known as “dawnofdevil” has emerged as a threat actor, actively targeting Indian organizations, including government entities.
Operating prominently on BreachForums, this group has recently expanded its activities to compromise the security of the Income Tax Department of India and breach the data of millions of users from the popular ISP, Hathway.
Under the pseudonym ‘dawnofdevil,’ an unidentified individual claims to have infiltrated the security of the Income Tax Department of India. The hacker alleges to have gained access to an email account hosted on the incometax.gov.in domain, opening avenues for unauthorized registrations on various Indian government-affiliated websites.
Dawnofdevil Hacker Group Targets Multiple Victims
While the implications of this security breach are potentially vast, concerns about the confidentiality and integrity of sensitive information within the Income Tax Department have yet to be confirmed.
The hacker has attached a price tag of US$500 to the compromised email access, actively seeking potential buyers through private channels.
On December 22, 2023, dawnofdevil announced the successful hacking of Hathway, a major broadband internet service and cable TV provider in India.
The hacker claims to have acquired the personal data of 41.5 million customers, including sensitive information such as names, addresses, phone numbers, email addresses, and even password hashes.
The data, available for sale at US$10,000, includes not only user details but also access to MySQL and Oracle databases, totaling over 400 GB of data and more than 800 tables with production data. Additionally, the hacker boasts possession of 4 million+ KYC documents, containing full names, Aadhar numbers, PAN cards, and other national ID details.
Sample Data and Dark Web Portal
Dawnofdevil has further shared samples of the compromised data, demonstrating the extent of the information at risk, including full names, physical addresses, phone numbers, email addresses, user IDs, account IDs, password hashes, IP addresses, and more.
To facilitate the sale and potentially enable targeted searches, the threat actor has set up a Tor site where individuals can search for data entries using mobile numbers and email addresses.
The dawnofdevil hacker group poses a serious threat to the security and privacy of Indian organizations and individuals. As the alleged organizations investigate the breach, and with the data of millions of Hathway users at stake, the importance of robust cybersecurity measures cannot be overstated.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
