Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Criminals publish ads for hacking services on US government websites

Hacker Dark Web

Cybersecurity researchers from Citizen Lab recently spotted PDF files advertising hacking services, on websites belonging to numerous U.S. government agencies and educational institutions. 

As reported by TechCrunch late last week, the PDFs were found on .gov websites belonging to California, North Carolina, New Hampshire, and at least three more states, as well as at least five counties and administrative centers. 

Universities such as UC Berkeley, Stanford, Yale, UC San Diego, and countless others, are also said to have had their websites compromised. Spain’s Red Cross, defense contractor Rockwell Collins, as well as an unnamed Irish tourism company, were also affected.

SEO poisoning

In the PDFs, the threat actors advertise various services, including the ability to hack into social media accounts such as Instagram, Facebook, or Snapchat. They also advertise computer game cheats and fake follower generation. Interested parties are invited to open websites listed in the PDFs.

Discussing his findings, researcher John Scott-Railton suggested that these are not the result of a hack, but rather of a threat actor abusing misconfigured servers and content management systems (CMS): “SEO PDF uploads are like opportunistic infections that flourish when your immune system is suppressed. They show up when you have misconfigured services, unpatched CMS bugs, and other security problems,” said Scott-Railton.

TechCrunch visited some of the websites listed in the PDFs and claim that the hacks are most likely fake, and that the entire scheme is just to get people to visit the websites. These sites, the publication claims, come with a fake CAPTCHA which only buys time for the website to generate money in the background.

While the damage of this campaign seems to be almost non-existent, it begs the question of how it was possible for so many government and educational institutions to become compromised; the aftermath could have been much, much worse. 

At press time, it is claimed that most of the PDF files have been removed.

Via: TechCrunch

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.