New Delhi, Jun 11 : Hackers broke into two websites belonging to Congress leader Rahul Gandhi in April this year when he was on a poll campaign, reports Times of India. Police is still trying to trace the hacker. The hackers broke into two servers created by him for family constituencies in UP.
Passwords were illegally accessed and the internet address tweaked to redirect users to an engineering college website.The web servers, amethinet and raebareli, are maintained from Rahul Gandhi's bungalow by his team of technical experts.On April 8, some of them noticed suspicious activity in the computer systems. The site was getting redirected and the email accounts had been broken into.
They immediately lodged an FIR, stating, "officials found that amethi.net website is not accessible". A case was registered under 66 Information Technology Act. The Special Cell of Delhi Police, which is handling investigations, is now on the lookout for the hacker.
"Technically, the hacker has cracked the whole domain system of the server and used an email to get the passwords," a senior officer who is part of the investigation said.
The hacking reportedly took place between April 4 and 19. Sources said the servers and websites at 12 Tughlak Lane had information on the constituencies of Rahul Gandhi and his mother, Congress chief Sonia Gandhi.
The young MP's house is also a hub of policymaking for the Youth Congress and the systems store huge databases in terms of constituencies, individuals and trends, they said.
Amethinet and raebareli were created specifically to address the constituents, but the former, after hacking, opened onto www.pdmce.ac.in, the website of an engineering college in Bahadurgarh, Haryana.
When Rahul's team checked the domain name system (DNS) of the website, it showed an IP address different from that of Rahul Gandhi's network. "Amethinet domain is registered with godaddy.com domain and when officials tried to log in to the domain management console, it was not working," the FIR said.
Email IDs created for password recovery was also hacked. "The login and password for the email was also not working," said the complaint. As experts reset the password for email@example.com and accessed the account, they found several suspicious emails.
"These emails were sent by domain management console, godaddy.com (of amethinet), to an unknown person on his request regarding password recovery," says the FIR. Officials said the recovered emails revealed the times at which the IP address password recovery requests were generated by the hacker.
"The unknown hacker has cracked all of our domain management console passwords using password recovery email account firstname.lastname@example.org and has made changes in DNS zone files so that it got redirected into some other websites," the FIR said.