5 hours ago
5
ARTICLE AD BOX
RAJKOT: A shocking cybercrime has rocked India’s digital security landscape, with hackers stealing at least 50,000 CCTV clips over nine months from facilities across the country and selling them online for anything between Rs 700 and Rs 4,000 per clip, feeding them into an international porn fetish network for profit.Investigators revealed that 80 CCTV dashboards were compromised, spanning hospitals, schools, corporate offices, factories, cinema halls, and even private residences across cities including Pune, Mumbai, Nashik, Surat, Ahmedabad, Delhi, and more. The scam came to light when teaser clips from Payal Maternity Hospital in Rajkot appeared on YouTube channels like “Megha Mbbs” and “cp monda”, leading customers to Telegram groups where the stolen footage was sold. Officials said the breaches were made possible by default passwords such as “admin123”, enabling hackers to launch automated attacks and collect massive amounts of sensitive footage.Despite the primary arrests being made earlier in 2025, investigators found that these illegally obtained clips were still available on Telegram groups until at least June.Investigators found that many of these CCTV systems still used factory-set passwords like ‘admin123’, which had not been changed during setup.
This enabled the hackers to initiate an aggressive and automated assault.An officer from the cybercrime branch in Ahmedabad told TOI: “The primary method used was a ‘brute force attack’ (hackers using a program or bot to try every possible combination of letters and numbers for a lock).” Parit Dhameliya, the lead hacker in the operation, a BCom graduate, employed three different software programs to achieve this.“First, Dhameliya used a website called suIP.biz to obtain the IP addresses (the unique online location) of cameras in Gujarat. These IPs were then fed into a software called ‘Masscan’ which quickly scanned for open ports (the specific digital doorways that allow remote communication).”Next, the attackers used a specialized hacking tool called ‘SWC software’, which can reveal a camera’s ID, password, and IP address once the system is compromised.
Using these stolen credentials, another accused, Rohit Sisodiya — later arrested in Delhi and who had posed as a medical laboratory technology diploma holder — accessed the hospital’s cameras through the DMSS application, a tool normally used for legitimate remote viewing.The officer added, “To access this sensitive footage cost around Rs 700 per person, though the highest-demand voyeuristic clips sold for up to Rs.
4,000. Praj Patil, also a NEET aspirant, acted as the financial facilitator, providing his mobile number and bank account to collect subscription payments.” To conceal their location, the attackers relied heavily on international infrastructure, routing their activities through virtual private networks (VPNs) that made their origins appear to be in cities like Bucharest in Romania, and New York in the US.The massive scale of unauthorized access — exceeding 11,000 successful external sessions in total — was meticulously tracked through log files spanning from Jan 2024 through early Dec 2024. The core members, including Prajwal Teli, Praj Patil, and Chandraprakash Phoolchand, were arrested within 39 hours of the FIR being registered. The threat actors were charged under several sections of the BNS Act and IT Act, including cyber terrorism.
English (US) ·