Bad guys hijack several .edu and .gov sites

News
Jan 13, 2011
2 mins
Data and Information Security

Be careful when you visit government and education sites. I just got this message from Rich Mullikin, PR man for security vendor Zscaler:

Zscaler researchers just posted a blog today about the recent activity where a lot of high-profile .EDU and .GOV sites were hijacked to redirect users to fake online stores. Google searches related to buying software (“buy windows 7 key”, “where to buy Microsoft”, “purchase microsoft word”, “buy microsoft office”, etc.) contain a long list of websites running on non-standard ports: www.kidsforkidsfestival.org:8080, en.jurispedia.org:4444, www.notiuno.com:4577, etc. These links redirect users to online stores which claim to sell software at a discounted price.

The list of hijacked sites includes:

• Harvard (Alexa rank in US: 875, cxc.harvard.edu)

• MIT (Alexa rank in US: 963, petar.blog.lcs.mit.edu, fig.scripts.mit.edu, hlt.media.mit.edu)

• Stanford (rank 782, mentalhealth.stanford.edu, yuba.stanford.edu, assu.stanford.edu)

• Fandango (rank 236, www.summermovies.fandango.com)

There are also governmental sites in the list, from the US, China and other countries:

• openworld.gov

• paceflorida.gov

• fpa.tas.gov.au

• ezhouinvest.gov.cn

• perak.gov.my

• misiones.gov.ar

• etc.

Here’s the blog post by Zscaler’s Julien Sobrier: http://research.zscaler.com/2011/01/high-profile-websites-hijacked-to-lead.html

–Bill Brenner