On 7 February, an FIR was filed by KA Dayananda, IGR & CS, against unknown individuals under the IT Act. The complaint reveals Kaveri 2.0's performance issues in December 2024 were caused by a DDoS attack using bots and fake accounts
Published Feb 08, 2025 | 4:50 PM ⚊ Updated Feb 08, 2025 | 4:50 PM
A cybercrime police station in Bengaluru
Synopsis: An FIR was filed on 7 February by KA Dayananda, IGR & CS, against unidentified miscreants under the IT Act. The complaint details a DDoS attack in December 2024 and another in January 2025 on the Kaveri 2.0 system, using automated bots and fake accounts. These attacks caused significant disruption, posing a serious security threat to the government’s portal
On 8 February, Krishna Byre Gowda, Minister for Revenue on his X platform, said, “Our Department has taken seriously the recent problems in the registrations IT system Kaveri 2. We have filed a cyber crime FIR to investigate if there was an intentional attack on our IT system to disrupt registrations, and, if so, who are such persons/entities. The investigation will also help us to prevent such attacks in future. We will also independently carry out a security audit of our IT system by experts. This will help us to strengthen the IT system. #gok #revenue”
Our Department has taken seriously the recent problems in the registrations IT system Kaveri 2. We have filed a cyber crime FIR to investigate if there was an intentional attack on our IT system to disrupt registrations, and, if so, who are such persons/entities. The…
— Krishna Byre Gowda (@krishnabgowda) February 8, 2025
Kaveri 2.0, Karnataka’s innovative portal offering a range of services for property transactions, was plagued by technical difficulties for over 15 days, severely impacting property registrations statewide.
Launched on 29 May 2023, Kaveri 2.0 was designed to streamline processes for property owners, buyers, and sellers. However, persistent issues have left citizens and officials struggling.
The technical malfunction initially began with the issuance of Encumbrance Certificates (ECs) and quickly spread across all 252 sub-registrar offices in the state. Users have faced challenges logging into the system, causing delays in processing registrations.
The disruption made it difficult for people to upload essential documents, capture photos and biometric data, and submit applications—all vital steps for completing property transactions.
As the system’s public login remained inaccessible, property transactions ground to a halt. In addition to property registrations, other processes such as marriage and bank mortgage registrations, handled by sub-registrar offices, were also impacted.
Citizens found themselves stuck mid-process, with missing ECs, incomplete biometric details, and other issues.
The disruption led to significant revenue losses, with the state typically recording around 8,000 registrations daily, generating approximately ₹80-100 crore.
An FIR was registered on 7 February under the Information Technology Act, 2000 with the Central CEN Police against unidentified miscreants by KA Dayananda, Inspector General of Registrations and Commissioner of Stamps (IGR & CS).
The FIR states, “… Kaveri 2.0 faced certain performance issues during December 2024. Upon analysis and inputs from the Centre for Smart Governance, it was found that these issues were caused by a malicious DDoS attack using automated tools or bots. Fake accounts were created and entries were made into the database using these fake accounts through automated tools or bots. CSG has shared a list of 62 email accounts originating from 14 IP addresses which were used to push the data…”
It further added, “A similar attack took place in January 2025, where extreme high traffic was observed from citizen-side users for EC searches, which was eight times more than usual. At some point, it was reported that 6.2 lakh requests were received from malicious users in two hours. These users were using random keywords to perform searches.”
“As Kaveri 2.0 is a critical application of the Government, and such a malicious attack is a serious cyber security threat, this targeted assault on Government portal poses a significant risk to its security and operational integrity. This incident demands urgent attention and immediate remedial action,” the complainant concluded.
On 5 February, a press note was released by the Revenue department singed by the Revenue Minster, that stated that the authorities had got the Kaveri 2.0 application back on track.
“We are pleased to inform that the Kaveri 2.0 application which was affected by a DDoS attack from last 1 week has now been fully restored and is operating normally. The attack had impacted the registrations and EC/CC services, which had further reduced the revenue collection. In order to address this, a range of enhanced security measures have been implemented to mitigate the future risks and e-Governance department is continuously monitoring to safeguard the application.”
The department provided data to highlight how the application was hit and the drop in registrations that took place subsequently.
“On 1st Feb 2025 where the application was hit majorly, the number of registrations dropped to 556, while the number of EC signed was 1649 and number of CC issued was 405 with revenue collection of ₹15,18,72,565.45.”
It added that on 3 February, interim measures were taken. “Numbers slightly improved with number of registrations was 5243, EC count was 3525 and CC issued was 652 with revenue collection of ₹52,24,42,289.78.”
Then on 4 February, the application was once again down. “After detailed analysis, measures were put in place to restore the application. Application performance improved, the number of registrations stood at 1657, EC 7327 and CC issued was 977 with revenue collection of ₹17,13,86,591.75.”
To maintain that things have gotten back to normal, the revenue department claimed that while the total revenue collection on 5 February at 4pm was ₹62,59,69,340 with 7,225 registrations, the average figures for December 2024 were 7,721 registrations and a revenue collection of ₹62,93,54,917.
“These numbers clearly indicate that registration activity has returned to normal levels,” the note claimed.
(Edited by Ananya Rao)
