Cyber Incident Victim: Supreme Court of Pakistan

On September 20, 2024, the official YouTube channel of the Supreme Court of India was compromised in a cyberattack that lasted several hours. Hackers altered the channel’s content to display promotional material for XRP, a cryptocurrency developed by Ripple Labs, a U.S.-based company engaged in legal disputes with the U.S. Securities and Exchange Commission. The attackers replaced the channel’s normal content with a blank video titled "Brad Garlinghouse: Ripple Responds To The SEC's $2 Billion Fine! XRP PRICE PREDICTION," referencing Ripple’s CEO. They also made previous videos of Supreme Court hearings private, restricting public access to archived proceedings. By approximately 3:00 PM local time, attempts to access the channel returned a 404 error message stating, “This page isn't available. Sorry about that. Try searching for something else.” The Supreme Court issued a public notice confirming the channel had been taken down and assuring users that services would be restored shortly. The channel, operational since 2018, had been instrumental in live-streaming Constitution Bench hearings and other matters of public interest, including high-profile cases like the Krishna Janmabhoomi-Shahi Idgah dispute. This incident disrupted public access to a critical transparency initiative launched under former Chief Justice UU Lalit.

The breach occurred amid a series of similar attacks targeting Indian institutional accounts. Two days prior, on September 18, the Hyderabad Metro Rail’s X account (@ltmhyd) was hacked to promote $HACKED, a cryptocurrency token on the Solana blockchain. The following day, the Indian Hockey team’s X account (@TheHockeyIndia) was compromised shortly after their Asian Champions Trophy victory, displaying a message declaring, "THIS IS A HACKED ACCOUNT! INTRODUCING $HACKED ON SOLANA," alongside a profit-sharing proposition linked to further breaches. While the Supreme Court’s breach specifically promoted XRP rather than $HACKED, all incidents shared a pattern of exploiting institutional platforms for cryptocurrency promotion. Reports suggested compromised API keys or third-party app integrations as potential attack vectors, though no technical confirmation was provided for the Supreme Court’s case. The incident underscored vulnerabilities in digital infrastructure supporting public institutions, temporarily severing a key channel for disseminating judicial proceedings to citizens. Restoration efforts were underway at the time of reporting, with no further details disclosed regarding investigative or remediation steps.