How an invisible hacker leaked IIT-JEE and NEET exams papers exploiting vulnerabilities in iON platform TCS?

A recent report claims that the iON TCS platform was compromised, resulting in the leak of multiple details about the JEE Mains exam. The Central Bureau of Investigation (CBI) has launched an investigation, hoping to quickly find information about the perpetrators of the attack.

TCS iON is a system designed to conduct nationwide exams, including NEET and JEE Mains assessments in the safest and best evaluated way possible. This is the most important provider of this kind of services in India.

According to initial reports, the iON platform has been compromised and the IWC has arrested three directors of a Noida-based entity. The intelligence agency is also investigating several TCS iON labs at various locations where the tests were conducted, including the local Sonipat University.

The anomalies began to be detected in the first days of September, which coincides perfectly with the application dates of the JEE Mains exam, scheduled between August 26 and September 2. So far, authorities have arrested seven people in connection with the case, including three officials from the private education center Affinity Education.

The reports also mention that external applications or tools cannot be introduced into TCS iON systems and do not have access to computers or the Internet. However, it appears that the test computers may have had an external application pre-installed, which allowed a remote connection to be established to the compromised machines.

This is often done by education centers in remote areas, in complicity with the principals of these institutions with the intention of helping students answer the tests or even allowing a third party to solve the test instead of the student.

Finally, an informant claims that students pay an advance of around a variable amount in exchange for accessing a hacked system. These systems are installed with these remote access tools before exams were conducted without the risk of failing the test.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.