Take a look at some of these examples (offensive screens are thumbnailed for the easily offended):

As you can see, there is a vast number of hits for sites that have been taken over by porn on the University of Southern California system (usc.edu).
But it's not only USC.
We have Virginia Tech:

On this one Virginia Tech page, we get some really nasty porn (which we've covered up), with an offer to view more porn after installation of a fake codec:

Here's the University of Maryland:

Searching Google for this one term brings up some rather disturbing stuff:

Similarly, searching for "amatuer porn movies free" on Google brings up more nasty stuff, including this:

Now, in the case of the Callutheran site, it's a WIKI - there is a PHP script that loads HTML from a porn site (http://www(dot)bigvideosonline.com/lesbians/index(dot)php?id=1403&style=orange). How did the script get there? We don't really know, but suspect it could be a MediaWiki vulnerability.
A search for "Cheating Wives movies frees inurl:edu" brings us this:

And here's more, Indian River Community College and USC:

Sniffing around one place, we find wide open access:

So there's an open directory listing with a keyword list and two PHP scripts that load the security scam hijacker porn pages or re-direct to rogue applications like Privacy Protector:

It literally goes on and on and on and on and on.
Alex Eckelberry
(With copious credit to Sunbelt researcher Adam Thomas)