Scammers Advertise Hacking Services on Gov Websites – Global Village Space

A massive spam campaign has affected several US state, county, and local government websites, as well as universities, a federal agency, and other organizations. Scammers uploaded PDF files containing advertisements for hacking services on official .gov websites belonging to the state governments of California, North Carolina, New Hampshire, Ohio, Washington, and Wyoming; St. Louis County in Minnesota, Franklin County in Ohio, Sussex County in Delaware; the town of Johns Creek in Georgia; and the federal Administration for Community Living. They also uploaded similar ads on the .edu websites of several universities, including UC Berkeley, Stanford, Yale, and the University of Washington. Other victims include Spain’s Red Cross, defense contractor Rockwell Collins, and an Ireland-based tourism company.

The PDFs link to various websites advertising services that claim to be able to hack into Instagram, Facebook, and Snapchat accounts; cheat in video games; and create fake followers. Some of the documents have dates that suggest they may have been online for years. The cybercriminals appear to be using open source tools to create popups that purport to verify that the visitor is a human but actually generate money in the background. A review of the websites’ source code suggests the hacking services as advertised are likely fake, despite at least one of the sites displaying the profile pictures and names of alleged victims.

John Scott-Railton, a senior researcher at the Citizen Lab who found these advertisements, said that while this campaign seems to be complex and massive, it could have been exploited by malicious hackers to do much more damage. “In this case, the PDFs they uploaded just had text pointing to a scam service that might also be malicious as far as we know, but they could very well have uploaded PDFs with malicious contents,” he said. “Or malicious links.”

Representatives for some of the victims said that the issue was with a content management system called Kentico CMS. It’s not entirely clear how all of the sites were affected; some victims described techniques that appear to be the same, without mentioning Kentico. Several victims told TechCrunch that these incidents are not necessarily signs of a breach, but rather the result of scammers exploiting a flaw in online forms or in content management system (CMS) software, which allowed them to upload the PDFs to their sites.

The ultimate damage of this spam campaign is, and will end up being, minimal, but having the ability to upload content to .gov websites would be concerning, not just for the .gov websites in question, but for the whole US government. In 2020, Iranian hackers broke into a US city’s website with the apparent goal of altering the vote counts. Election officials have also expressed concern about hackers breaking into election-related websites.

