Web sites for among the world’s most prestigious universities are serving express porn and malicious content material after scammers exploited the shoddy record-keeping of the positioning directors, a researcher discovered just lately.
The websites included berkeley.edu, columbia.edu, and washu.edu, the official domains for the College of California, Berkeley, Columbia College, and Washington College in St. Louis. Subdomains akin to hXXps://causal.stat.berkeley.edu/ymy/video/xxx-porn-girl-and-boy-ej5210.html, hXXps://conversion-dev.svc.cul.columbia[.]edu/brazzers-gym-porn, and hXXps://provost.washu.edu/app/uploads/formidable/6/dmkcsex-10.pdf. All ship express pornography and, in at the very least one case, a rip-off web site falsely claiming a customer’s pc is contaminated and advising the customer to pay a price for the non-existent malware to be eliminated. In all, researcher Alex Shakhov stated, tons of of subdomains for at the very least 34 universities are being abused. Search outcomes returned by Google listing hundreds of hijacked pages.
A handful of hijacked columbia.edu subdomains listed by Google
A handful of hijacked columbia.edu subdomains listed by Google
One of many websites redirected by a UC Berkeley subdomain.
One of many websites redirected by a UC Berkeley subdomain.
Hijacking a college’s good identify
Shakhov, founding father of SH Consulting, stated that the scammers—which a separate researcher has linked to a recognized group tracked as Hazy Hawk—are seizing on what quantities to a clerical error by web site directors of the affected universities. After they fee a subdomain akin to provost.washu.edu, they create a CNAME file, which assignes a subdomain to a “canonical” area. When the subdomain is ultimately decommissioned—one thing that occurs continuously for numerous causes—the file is rarely eliminated. Scammers like Hazy Hawk then swoop in by hijacking the previous file.
With that, they’ve now hijacked that college’s subdomain. Given the reputations universities have, search queries then move to the highest of Google’s outcomes.
