UK university websites hijacked; selling Viagra etc.
Summary: A number of UK colleges and universities with the .ac.uk domain name have been hacked and now dish out fake drug stores. Can you protect your network from website breaches?
A computer security firm has discovered a number of UK colleges and universities with the .ac.uk domain name hijacked and redirected to fake drug stores offering the usual spam-box full of supplies, according to the BBC.
It is believed that the PHP code on the sites was injected with malicious code which redirected them to fake drug stores, so when a user searches certain keywords on Google, the university or college website would appear at the top and be redirected from there. The value of the legitimate site may have boosted link views it is thought.
This appears to be a similar, or even perhaps the remnants of a previous assault which hit a number of wider websites last year - including schools and domain names ending in .gov.uk - the UK's government domain name.
Some of these webites can still be found with code injected at this Google search and this one. It is advised you do not click on any further links on the search results.
One student emailed me pointing out that their university had been hacked for months and issues were still arising from it. They were also concerned about their network security and how far this or other security breaches could go into the network.
Good news and bad news, for you my anonymous student friend.
It is good practice to have any public facing website for an organisation totally nucleated away from any internal network structure, including storage spaces and collaboration areas. Take a university website for example. There will be many areas there of which an ordinary member of the public can view the site but will be stonewalled by user authentication procedures when they get too far. This will only be reserved for students and staff.
But with the more internal network exposed - such as accessing read-only file directories offering a wide range of course files or student data - available on the web through a URL, whether it is password protected or not, can lead to dangers there. If the main website gets breached, as from time to time they will do, the behind-the-scenes may not be as safe and secure as you may hope.
Then again, if a website is breached and installs malware locally, you could end up bringing down your entire university network like what happened in Exeter only a few months ago.
I do not envy those who work in network security. The revolver I keep in my desk would make more than a daily appearance I fear.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
UK university websites hijacked; selling Viagra etc.
The story is about a breach, not a OS. Add something meaningful. (NT)
Story is about PHP sites being exploited
occurrence.
The train wreck that is PHP is a prime example
of what can happen when an open source process
goes wrong. PHP is haphazardly thrown together.
It was never designed, it just happened.
The poorly designed "language" (I use that term
liberally here) appealed (still do) to
cheapskate cowboy coders who have little
understanding of robust programming
disciplines.
One example (and by all likelihood the culprit
allowing these exploits) is PHPs <i>string
interpolation</i>. What was a neat idea for
automation scripting on the command line has
turned into a disaster on web-facing scripts.
PHP: Just like windows.
Well, there's a difference, a huge difference. PHP is completely exposed, it's naked so it cannot use smoke or mirrors to fool you into believing that it's something you can trust.
Please, enough with the excuses
They ALL get hacked, let it go.
hahahahaha
coding? there are lots of safe php websites out
there. .net, java, coldfusion, ruby, none of those
are safe if you dont filter out things like sql
injection. your argument is totally irrelevant.
ps. i am a .net developer so im not defending php
or open source.
The same thing that happens when
read above...
shoddy programming has no excuses, os, platform,
framework or language. they are all tools to help
developers build applications. the same thing
happens in construction, you get bad poorly built
houses that leak at the first sign of rain if they
arent built to spec.
Robust programming disciplines.
That's something we did in the 1960's and 70's out of necessity.
Webmasters indeed!
RE: UK university websites hijacked; selling Viagra etc.
Bit picky?
American educational institutions are .edu domains
University of Kansas - http://www.ku.edu/
Kansas State University - http://www.k-state.edu/
Kent State University - http://www.kent.edu/
etc.
RE: UK university websites hijacked; selling Viagra etc.
Gun clubs in the United Kingdom
See below for content pasted from the gun club I was a member of for many years.
Based in Birmingham, West Midlands, the 49th Rifle & Pistol Club can offer:
A club run BY members FOR members.
A yearly subscription - (no 'green fees').
Ranges for:
Rimfire & Centre Fire Small Bore & Large Bore.
Full Bore Target Rifles.
Black Powder Pistols.
Air Rifles & Pistols.
Expert coaching and tuition in many shooting disciplines.
Help and advice on many aspects of sports shooting and procedures.
UK gun law
.. with the obvious exception of criminals of course.
And the legality of .22 & blackpowder is little consolation to those of us who had thousands of pounds worth of big-bore gear legally stolen by the government, & to hell with the 'compensation', theft is theft.
Revolvers, Yes...Disarmed, No...
you can still other firearms such as shotguns &
rifles.
Sorry, wrong.
Actually...
http://www.met.police.uk/firearms_licensing/faqs
.html, from which I quote:
"Can I own a handgun?
Handguns are banned in England. This applies to
any firearm with an overall length of less than
30 cm. However muzzle-loading handguns are
permitted."
Air pistols are not classified as a hand gun,
and blackpowder are muzzle loading.
Long barrelled pistols?
RE: UK university websites hijacked; selling Viagra etc.