USAID Server Hacked To Serve Pornography - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management
News
11/30/2007
05:55 PM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

USAID Server Hacked To Serve Pornography

The compromised server was associated with USAID's Tanzania subdomain, Tanzania.usaid.gov.

The U.S. Agency for International Development (USAID) provides economic, developmental and humanitarian assistance around the world in conjunction with the foreign policy goals of the United States. It also provides porn, or so it appeared as of 2:00 pm PST on Friday.

A call to USAID for comment found the agency unaware that one of its servers had been compromised. A few minutes later, a USAID spokesperson called back to say that the agency's IT staff was in the process of dealing with the issue. The hacked server was associated with USAID's Tanzania subdomain: Tanzania.usaid.gov.

This rather unorthodox offering was discovered by Sunbelt Software. As security researcher Patrick Jordan noted in a blog post on Friday, searching for porn using Google's "site:" operator (to restrict the search to the USAID domain) returned a list of apparent porn links.

In fact, the promise of porn is bait to dupe searchers into visiting malicious Web pages. Those doing so get presented with a fake error message indicating that updated video software is required. Interacting with the dialog menu, accepting it or canceling it, is likely result in the installation of the Zlob Trojan.

Infected machines were then at risk of being conscripted to serve in some cyber criminal's bot army.

"Trojan-Downloader.Zlob.Media-Codec is a program that typically purports to be a needed upgrade to Windows Media Player in order to view adult oriented videos on certain Web sites," Sunbelt explained on its Web site. "However, Trojan-Downloader.Zlob.Media-Codec actually downloads and installs additional malware on the user's machine."

It's not the first time Sunbelt has spotted inappropriate content on unsuspecting Web sites. On Thursday, the company spotted pornography on a Web site belonging to the transportation authority in Marin County, Calif. It has since been fixed, for the second time. In October, similar revelations arising from the same site led the federal government to close the entire "ca.gov" domain briefly, thereby shutting down the Internet and e-mail for the state.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
News
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll