- Reaction score
- 1,681
Dozens of U.S. government websites appear to contain a flaw enabling anyone to generate URLs with their domains that redirect users to external sites, a handy resource for cyber criminals looking to infect users with malware or trick them into surrendering their personal information.
Gizmodo first reported a year ago that a wide variety of U.S. government sites were misconfigured, allowing porn bots to create links that redirected visitors to sites with colorful names like “HD Dog Sex Girl” and “Two Hot Russians Love Animal Porn.” Among those affected was the Justice Department’s Amber Alert site, links from which apparently redirected users to erotic material.
Following Gizmodo’s report, a handful of government offices changed their settings to address the problem. The problem persists, unfortunately, and several new websites appear to be affected. While it appears that mostly porn bots are taking advantage of these poorly configured sites, it also poses a serious security concern.
The ability to generate malicious links that appear to lead to actual government websites can be a handy pretense for criminals conducting phishing campaigns. What’s more, these malicious redirects may be used to send users to websites masquerading as official government services, encouraging them to hand over personal information, such as names, addresses, and Social Security numbers.
gizmodo.com
Gizmodo first reported a year ago that a wide variety of U.S. government sites were misconfigured, allowing porn bots to create links that redirected visitors to sites with colorful names like “HD Dog Sex Girl” and “Two Hot Russians Love Animal Porn.” Among those affected was the Justice Department’s Amber Alert site, links from which apparently redirected users to erotic material.
Following Gizmodo’s report, a handful of government offices changed their settings to address the problem. The problem persists, unfortunately, and several new websites appear to be affected. While it appears that mostly porn bots are taking advantage of these poorly configured sites, it also poses a serious security concern.
The ability to generate malicious links that appear to lead to actual government websites can be a handy pretense for criminals conducting phishing campaigns. What’s more, these malicious redirects may be used to send users to websites masquerading as official government services, encouraging them to hand over personal information, such as names, addresses, and Social Security numbers.
A Year Later, U.S. Government Websites Are Still Redirecting to Hardcore Porn
Dozens of U.S. government websites appear to contain a flaw enabling anyone to generate URLs with their domains that redirect users to external sites, a handy tool for criminals hoping to infect users with malware or fool them into surrendering personal information.
gizmodo.com
Last edited by a moderator:
