30 Offices/Agencies Affiliated w/ The Government of Nepal Hacked by Tryliom of ‘The Official Unknowns’

Earlier this morning I came across a massive leak effecting the Government of Nepal, only it was originally posted online January 31st 2019. The hacks and leaks themselves were claimed by a hacker known as “Tryliom,” apparently an Albanian hacker part of a much larger group of international hackers going by the name of “The Official Unknowns.” Outside of that, not much is known about Tryliom or his group, nor what their purpose/intent is or what they are known for. In fact, the leak of the Government of Nepal is only the second such posting to Twitter Tryliom has posted online in almost 3 years.

Given that the information is about a month and half old at this point, there’s no telling how outdated and/or relevant all of it still is. That being said however, included in the leaked data are the login credentials, admin username, email and passwords necessary to access various databases affiliated with 30 Government agencies across Nepal. For the purposes of this article I am not going to name of all 30 offices, but they each fall under 3 main branches; the Government of Nepal (Gov.Np), National Information Center (NIC) and National Information Technology Center (NITC). To serve as proof that the login credentials are still or were at one point valid, Tryliom also released the titles of the databases you can access via the credentials provided.

In a message attached to the leaks, Tryliom stated:

Our Knowledge Talks and Wisdom Listens…

Victims, we have released some of your documents and data, we probably harmed you a bit but that’s not really our goal because if it was then all of your websites would be completely defaced but we know that within a week or two, the vulnerabilities we found will be patched and that’s what we’re actually looking for.

We’re ready to give you full info on how we penetrated threw your databases and we’re ready to do this any time so just contact us, we will be looking forward for this.

And for all the other websites out there: We’re coming, please, get ready, protect your website and stop us from hacking it, whoever you are. Contact us before we take action and we will help you, and will not release anything… It’s your choice now.

And for the Public: We’re looking for your support… Support us to deliver our message to everyone out there…

Websites Targeted:

hxxp://www.cip.gov.np/
hxxp://www.crhd.gov.np/
hxxp://www.csitc.gov.np/
hxxp://dadodadeldhura.gov.np/
hxxp://dcol.gov.np/
hxxp://dcwbkavre.gov.np/
hxxp://ddcdailekh.gov.np/
hxxp://dhobaitadi.gov.np/
hxxp://dhodadeldhura.gov.np/
hxxp://ktwr.gov.np/
hxxp://www.doind.gov.np/
hxxp://soce.gov.np/
hxxp://www.snnp.gov.np/
hxxp://sanitation.gov.np/
hxxp://mofsc-redd.gov.np/
hxxp://www.pwr.gov.np/
hxxp://psc.gov.np/
hxxp://ppcr.moste.gov.np/
hxxp://obc.gov.np/
hxxp://nccsp.gov.np/
hxxp://www.mocpa.gov.np/
hxxp://lmtc.gov.np/
hxxp://kantichildrenhospital.gov.np/
hxxp://jstc.gov.np/
hxxp://jagatpurvdc.gov.np/
hxxp://fwrhd.gov.np/
hxxp://jagatpurvdc.gov.np/
hxxp://dtosankhuwasabha.gov.np/
hxxp://dscodolakha.gov.np/
hxxp://dof.gov.np/

Full Raw Leak: https://pastebin.com/raw/p1LTL3vY
Data Download: https://anonfile.com/P4bdMaS5m4/gov_leak_txt

Browse Through Full Release:

Nepal