Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

CNN-News18 Allegedly Hacked To Deny PayTM Hack Claims

CNN-News18 Allegedly Hacked To Deny PayTM Hack Claims


A hacking group claims to have breached India’s CNN-News18 news site to use it to refute claims that they hacked PayTM Mall earlier this week, BleepingComputer has learned.

News18 is an English-language news channel that provides Indian and local news via the Indian Broadcasting Network and international news in a partnership with CNN.

A hacker group that goes by the names “John Wick” and “Korean Hackers” have provided BleepingComputer with information on the hacking of the Indian Prime Minister’s Twitter account and the online systems of popular Indian news channel, News18.

This same group had previously hacked the video-on-demand service ZEE5 and defaced multiple websites, seeking nothing but a “10 Ethereum ‘donation’ for their help.”

In their quest to refute claims that they were behind PayTM hacks, “John Wick” breached Indian PM’s Twitter account and allegedly hacked the TV channel News18 to spread the message on their innocence.


And so the story begins…

In August, “John Wick” emailed BleepingComputer to refute a report Cyble had published that attributed a PayTM Mall breach to the hacker group.

The threat actors then claimed to have breached Cyble’s to download its database and install a remote access tool to an open directory.

Cyble’s CEO, Beenu Arora, has told BleepingComputer that they could find no indications that they were breached or that a remote access script was uploaded.

BleepingComputer was able to validate the open directory listing claims, but when we looked, the said directory did not include the alleged remote access script.


Hacks many sites to refute one hack

In a paradoxical series of events, determined to assert their innocence regarding the PayTM Mall attack, “John Wick” hacked the Twitter account of Indian Prime Minister Modi, telling the world they weren’t the ones behind PayTM hacks.

“There is no other intention to hack this account. Recently fake news of our name saying PayTM mall [was] hacked by us. So we have sent email to all news publishers in India [that] it’s not us, no one replied, so we decided to post something,” read one of the tweets published from the PM’s verified Twitter account.


Furthermore, “John Wick” has provided BleepingComputer with additional information.

These images demonstrate the hackers may have hacked the Indian news channel, News18‘s systems and sent out push notifications to its subscribers to deny their involvement in PayTM hacks.

Push notifications allegedly sent by John Wick hacker group from News18 site
Push notifications allegedly sent by “John Wick” hacker group from News18 website
Source: John Wick

Further screenshots provided by the group showed folders of language-specific channels of the News18 group.

It must be noted, the authenticity of these screenshots cannot be validated, and at the time of writing, we have not received a response back from News18 group about this alleged hack.

Also read: How To Make A PDPC Complaint: With Its Importance And Impact


Folders possibly showing different News18 TV channels’ data

In an email sent to BleepingComputer by John Wick, the group has included internal IP addresses, ports, usernames, passwords, and a JSON request with an authentication token that they had allegedly used for pushing out browser notifications to News18 subscribers.

The push notification reads, “Paytm Mall John Wick – Not hacked by our Team”

John Wick email details News18 hack
John Wick’s email to BleepingComputer showing the JSON payload for triggering push notifications

When clicked on, these browser notifications opened a page at PasteBin that once against refuted the claims that the threat actors hacked PayTM Mall.

PasteBin message

Identical to the ZEE5 hack where John Wick had allegedly taken control of the company’s codebase, the hacker group provided screenshots showing code commit history for News18’s codebase in a similar fashion.

john wick news18 git repo alleged
Possible code commit history of News18 shared by John Wick

Granted, John Wick’s motivation, in this case, wasn’t to collect 10 ETH donations.

However, in trying to assert their innocence by competence, they may have breached many more systems and become criminally complicit—all to disprove one allegation of having hacked PayTM.

This is a developing story. Please check back for updates.

Also read: The Scope Of Singapore Privacy: How We Use It In A Right Way



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us