08 Feb 2019

Is BSNL Hacking Into Insecure HTTP Connections To Inject Its Advertisements?

It looks like BSNL's hired someone really really smart. The person has come up with an excellent idea of injecting BSNL's own advertisements into every website that loads over 'http' ; that is if the website starts with 'http' instead of 'https', BSNL will force-inject their advertisement on the site.

User's can't figure out whether the ad is coming from the site itself or being injected by BSNL. I do not visit any website that does not support SSL; but I recently stumbled upon a Government website that had not obtained its SSL certificate; and I saw a big BSNL advertisement on the site - that led the entire site unresponsive. I had to reload the page multiple times to get rid of the ad. 

I'm going to capture a screenshot of the ad next time BSNL send it to my browser. 

We've an old discussion about the same problem; and I'm not sure if BSNL had actually stopped it after concerns where raised by several netizens who were on BSNL connection. https://www.crazyengineers.com/threads/bsnl-injecting-advertisements-in-your-browser.88882

Have you spotted a big BSNL banner on any site that actually fills ~40% of the screen? Is BSNL hacking into insecure connections?

09 Feb 2019

Its a bit interesting topic...

I already know that someone hacked into a large amount of mikrotik routers to inject malicious coinhive codes to mine XMR (Read here: https://cyberintro.net/more-than-200k-wifi-routers-were-affected-by-coinhive-cryptomining-drive/ ). So BSNL might trying to do something like this?

Share this content on your social channels -

Only logged in users can reply.