NIST.gov, heidelberg university and others have been hacked by black hat spammers.
Lately I’ve been getting some spam that I consider a special treat. These are websites that have been exploited and used to promote spammy pharmacy products such as viagra and cialis.
I am not happy that victims are being used, I’m intriqued on how the spammers managed to get away with it.
This one comes from NIST.gov:
SPAM Hack of NIST.gov
I’ve been working with the U.S. Govt for a long time so I am familiar with the NIST. It is the National Institue of Standards and Technology: “Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Commerce Department’s Technology Administration.”
When I thought that they might have been hacked, I immediately sent and email to the webmaster. But unfortunately they rejected my email.
Here is another hack attempt (this one unsuccessful):
Here is one is what looks like a division of Heidelberg University:
email I sent to Heidelberg Universtiy (translated with babelfish):
Ihr Aufstellungsort kann ausgenutzt worden sein:
Die Person, die dies getan hat, benutzt Ihren Aufstellungsort zu Spam andere Internet-Aufstellungsorte. Traurig über meinen Deutschen. Ich verwende babelfish.altavista.com, um zu übersetzen. Auf Wiedersehen
Here is another attempt on Kryten.murdoch.edu.au
As with any exploit, the spammers used a flaw in the webpage to post the data on victims webpages. The sad thing is that it can happen to anyone. Security Awareness is really the only defense one can have.
I have been getting a lot. I’ll update this when I get some good one.