CATIIM.IN hacked; Prometric says ‘Malware was discovered and removed overnight’
CATIIM.IN has been hacked. It is currently hosting malware files as listed by multiple antivirus software and also google’s safe browsing diagnostic pages. Don’t visit the site until the infection/hack clears up.
If you visit the site without any antivirus or malware detecting software on your machine, there is a high chance you will end up infecting your computer. The timing of this hack is awful for the candidates. More information on this as the day progresses. In most of such cases a security exploit would have been found on the server by the people who decided to target the site. This does not bode terribly well for Prometric as there will be enough questions on the sanctity of the data collected by them from the students and also their ability to host a secure website.
We request users to not visit the website until the team at Prometric fixes the site. We’ll report back as soon as it happens.
UPDATE: Prometric sent us the following official statement admitting that there indeed was malware on ‘Catiim.in’. It goes on to further say that it has been removed and that candidate data was not compromised as a result of the attack. Full text of the statement below:
“Prometric has been investigating reports that IIMs CAT web site www.catiim.in has been displaying warning messages on certain browsers. A malware was discovered and removed overnight. It will take several hours for the warnings to disappear from Google Chrome. As is stated at the bottom of the candidate registration page, we advise candidates to use the following approved browsers: Internet Explorer version 7 or above, or Firefox version 3.0 and above.
The affected site provides information about the CAT to candidates; it does not store or contain any candidate information.
If access to www.catiim.in is not available, the alternative site https://iim.prometric.com/ is the Prometric web site for accepting candidate applications and appointments. Candidate information is protected with enterprise-class security technology, is confirmed to be safe from harm, is completely segregated from the www.catiim.in web site, and has undergone rigorous security and vulnerability testing.
At no time did this issue impede the ability of candidates to register for the CAT, nor has any candidate application or appointment data been compromised.” (End of statement)
Meanwhile. the Google search continues to show a ‘This site may harm your computer’ advisory for all webpages on ‘Catiim.in’ (see screenshot below). It usually takes Google a few hours after a website is cleaned up of malware to take the advisory down. One could start surfing the site on the browsers recommended by Prometric, but to be absolutely safe one might want to wait for the advisory to be taken down from Google.
PS: The alert is only being shown on Google Chrome and for people using Kaspersky Antivirus, Avast & Nod32. If you are just using Firefox or IE, you may or may not see any error, but that doesn’t mean the site is secure.
PS2: Alert now showing on all of Chrome, Safari and Firefox on Windows, Ubuntu or Mac OS.