@rajujayaraman It was the real Flipkart site. I can confirm that. Like @pothi, I'm also running a DNS server locally behind a custom pfSense router.
It has nothing to do with DNS. DNS is just a registry in which you can search for domains. Also, if DNS services like GoogleDNS or Cloudflare were compromised to return malware websites, the change would be global. Not only we BSNL/MTNL users would face this issue; everyone would.
This malware is activated by a click, because after 2015 Chrome and other browsers stopped allowing web pages to execute some things like this without an initial user interaction. I've posted a Pastebin link above which contains the contents of the obfuscated code that runs to redirect and open those malware pages.
After referring to most of those web pages we can confirm that the ads are provided by a firm called "Mindspark interactive". Not sure whether they are running these campaigns for BSNL.
I've checked with LCOs and they all seem to be using Chinese non-branded or Chinese rebranded OLTs and ONUs. A strong doubt that I have is whether these ONUs or OLTs were compromised to inject those scripts in non-secure web pages.
An engineer from BSNL paid a visit to my home today and I explained these things to him. He is as surprised as we are and said that if BSNL is doing this then they are breaking their policy, and he will check on this.
I'm wondering, if BSNL is purposefully doing this, why can't they admit it?