BSNL Code Injection: Adware on Govt websites

riturajkumari · January 12, 2021, 12:43pm

I was visiting the new website of kamdhenu.gov.in on my BSNL broadband fibre network on firefox browser.

I experienced two instances unsolicited ads opening in new tabs to random websites within 15 mins.

Upon further investigation of the website code. I found an “iframe” tag and it was redirecting to Adware named “onmarshtomper(dot)com”.

The website pops up are these: “EasyAsVPN” and “Binomo”

Link No. 1: Binomo - The most effective platform for trading
Link no. 2: https://easyasvpn.com/free-vpn-windows/?cep=dRywA-syAI5KmqvJj3p7gX2sxrSQY-G-LROYdr1XLjlhkBfbEwh0VDapgwhqZdjEbH7MLEbT1xWWOUiX2FmSndgG_18aeE1RnWgyxZkH4xuVO9LV96vv_46ZN31W0K4X5Rgv5Py4vtNtLjlYuSXf1rwnaMyUj5IgW1oh2VdseAI9JQ7bcIfTC3FeuYRuALRB-3jS-_G35HaAyVHCzDhe0nGofpMLxMCo1TOIbNLtx1YW_-xoLyJqF4E9IRXnQIE-EZx_sipJTfXeiMW6y7eCPcDgdjD3HQt__GQD272v0p_SRUXbHJ6CxvDzDfeUZA4DuyeQSU4AkO1M-8UIVayAr8IqyfnDhBSceqJ6DWvhZ-9RqHTWExcyOWfdUTJ4dUmcaZEYiYk5ld-Aj4gr8GWIgcCv3XCI6LBH83rJ1D2eIrRm6R4PgWV4B_pgGdvdcrYRfXXZfQhk-gUgCztFX8rfGadI03nCnKtDzVCzNXch_UFRWt2hY6XsRl7ZGWYrRO7h3wC-CiVPHG_hqOUgLcgAhvb6BiMbo2kpO4Ue9EKYNusIg2yQ4uWamSNIZ3g0zg3pAoEfUFRrguAaUno_Rsy6iArEzgr2bM_gwXDgEPJCRfIqFHYez8pMcpdDvjCf6DpDCcTde0eDmjnWoZbf7UP0IALu0SFAYnvak4L-FKdann8rz2jBmJ1hfNnXUTZcMSUV&lptoken=163610de451943287724&zoneid=3426443&bannerid=7786814&browser=firefox&os=windows&device=desktop&region=ka&isp=bharat%20sanchar%20nigam%20limited&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:84.0)%20Gecko/20100101%20Firefox/84.0&language=en&connectiontype=broadband&cost=0.000087&visitor_id=372827725943017633

What is the solution to this? I have been experiencing this since Dec, 2020.

abhijit · January 14, 2021, 1:56pm

This is unfortunately a known issue with BSNL, and like many things in India, complaining seems to have no effect:

You should switch to a different ISP, or, until that is possible, use a VPN. I don’t think changing DNS servers will help but you could always try.

AFAIU, this is only an issue on non-HTTPS sites (which the kamadhenu site still is in 2020, fittingly), and your shopping/banking etc should be as secure as it is on other ISPs.

aparatbar · January 18, 2021, 8:31am

Hey Abhijit,

Have noticed a very high level of obstinancy from BSNL on this issue despite repeated advocacy. Let me flag this to @Anushka and @Rohin_Garg and we will chat internally on how we can address this.

riturajkumari · January 18, 2021, 7:13pm

@abhijit

Unfortunately, I cannot change my ISP as the only options I have is Railwire and BSNL. But railtel/railwire seems to be blocking duckduck(dot)com / change(dot)org and various other websites.

I have researched on internet, it seems to be there from long time.
I suspect they have engaged some adware platforms like “adcash” to generate revenue at expense of compromising user’s internet access.

BSNL giving the alleged authorization to some platform is highly prejudicial to network infrastructure security.

I have started this change.org petition: https://www.change.org/Stop-BSNL-Ads

Let see what happens.

sethia · May 11, 2021, 6:31am

We need to do a lot more than just change petition, any legal fight or representation to end this immediately?