Spam campaign targets government, websites with hacking ads

Share post:

An extensive spam campaign has targeted the official websites of several state, county, and municipal governments in the United States, as well as federal agencies and many colleges with hacking service ads.

The scammers posted PDF adverts promising hacking services on websites ending in.gov and.edu domains. California, North Carolina, New Hampshire, Ohio, Washington, and Wyoming federal websites are among those affected, as are specific county and municipal websites. UC Berkeley, Stanford, Yale, and the University of Washington were also targeted.

Other victims include the Spanish Red Cross, defense contractor Rockwell Collins, and an Irish tourism firm, in addition to government and educational sites. The PDFs featured links to websites that provided services such as hacking Instagram, Facebook, and Snapchat accounts, gaming cheats, and making phony followers.

These adverts were found by John Scott-Railton, a senior researcher at Citizen Lab, who highlighted concerns about potential security flaws. While the submitted PDFs only refer to scam services at the moment, Scott-Railton warned that additional dangerous information might have been published, possibly inflicting serious harm.

While the exact nature of the breaches is unknown, some victims had misconfigured forms that allowed PDF submissions, while others have eliminated unwanted PDFs and improved security.

The sources for this piece include an article in TechCrunch.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways