NTC servers hacked

A very famous and powerful hacking group of Nepal yesterday announced that they have hacked the Nepal Telecom servers  and the database is in their control. The group named Anonymous #opnep posted a photo with a list of mobile phone numbers and said that they are watching NTC and the corruption. The group stated that they aren’t against the Nepali citizen but they are against the corruption and the government.

Anonymous #opnep posted that they will provide the information or details related to their mobile phone number. They were providing personal details stored in the database as users request from private message from Facebook. The group defaces many Nepali governmental websites and brings many facts to surface. This incident proved that the NTC servers are very vulnerable and at weak state.

Read about: Price of Samsung Galaxy S7 and S7 Edge in Nepal

Hackers said that they aren’t going to take down the servers because that would eventually be loss of NTC, government and common people. Hackers wanted to show how vulnerable is their system and they wanted to provide them the proof of it. They want the authorities to fix such security issues, holes and make the system better. Nepal Telecom hasn’t said anything official on this matter.

 Group also said that they are monitoring the low bandwidth being transferred through ADSL in name of broad band  so it seems they are very concerned about the low quality service. Nepal is 2nd country with worlds slowed internet connections. It is obvious that the company needs serious overhaul to maintain its competition in market and to withstand the amount of customers.

Condition: In our own inspection  we found some problems in ADSL speed, up time, activation period and security issues in customer care page, internal page links problem.

NTC Customers care Problem
NTC Customers care Problem

Their customer care interface is very sensitive part of site because people can control their bandwidth and other option of the service. This page has login interface with a messed up SSL certificate. The notification itself says that it is not strong and other people can view the information transfer. The link to the telephone search used to work few years ago but isn’t  working now and hasn’t been updated.

Aftermath

Nepal Telecom recently claimed that it wasn’t a hack. Instead it was unauthorized access to the records from private SIM distribution center. Anonymous #opnep said that the the security vulnerability has been patched which failed a simple test. Whatever the company says, they need good audit and system maintenance. Last time the system couldn’t handle high traffic of balance recharge.

This is the problem with many of the Nepali websites and mainly government sites. They seriously need to maintain and reinforce the security. The hackers are always pointing these security issues so that they would be fixed. By learning from the accidents and attacks the companies and authorities should act swiftly towards fixing the problem and making the system strong for future .