Once again, the Indian election looms and while it is an exciting time to vote, malware authors are looking to exploit voters’ hope and enthusiasm for their country’s political future. Any popular websites with a large user base will inevitably become a target that attackers will use to host or push their threats onto unsuspecting users’ computers. This time, the voting website Jaago re! is the attacker’s choice.
Jaago re! is an Indian online non-profit portal that provides several voter services, including voter registration, voter list searching, election information, and assembly constituency searching. It’s easy to see why this site has a large enough user base to make it a target for attackers.
The screenshot below shows an excerpt from the initial script used by the attackers: