Security Bytes

Jan 14 2011   3:27PM GMT

Popular institutional websites hijacked



Posted by: ITKE
Tags:
SEO attacks
website vulnerabilities

Several government and educational websites redirect visitors to fake stores.

By Ryan Cloutier, Contributor

Security researchers at ZScaler Inc. have provided a list of government websites that have been hijacked, redirecting visitors to Google searches.

Government web properties are not the only targets of these internet villains, some university websites, including those linked to Harvard, MIT and Stanford have fallen as well. According to Julien Sobrier, a researcher at zScaler, the list of hijacked sites includes:

  • Harvard (Alexa rank in US: 875, cxc.harvard.xdu)
  • MIT (Alexa rank in US: 963, petar.blog.lcs.mit.xdu, fig.scripts.mit.xdu, hlt.media.mit.xdu)
  • Stanford (rank 782, mentalhealth.stanford.xdu, yuba.stanford.xdu, assu.stanford.xdu)
  • Fandango (rank 236, www.summermovies.fandango.xom)

There are also governmental sites in the list, from the U.S., China and other countries:

  • openworld.gov
  • paceflorida.gov
  • fpa.tas.gov.au
  • ezhouinvest.gov.cn
  • perak.gov.my
  • misiones.gov.ar
  • etc.

In zScaler’s research blog, Sobrier wrote that visitors are redirected to no ordinary Google search results; the results seem to consist entirely of fake online stores. The stores “sell” software at a discounted price. However, they all seem to have odd URLs and some of the sites are running SEO spam topics such as Viagra and U.S. student Visa.

Contemporary wisdom suggests these types of locations will not be kind to your bank accounts, Sobrier said.

Once again spammers have managed to poison search results for popular searches. This specific spam was reported a month ago, but it still shows up in the first page of results for multiple searches.

There also seem to be various domain names for the fake stores. The domain names run the gamut from the seemingly malicious software-supreme.com to the seemingly less threatening sacon.org. All in all the fake stores encompass at least 75 domains and each site looks slightly different.

What makes this attempt unique from your typical black hat attempt to turn Google’s algorithms against the common person is that the search engine optimization is in multiple languages. Usually spam SEO comes in English but this time we are seeing French, German and other varieties.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: