Universities and schools hacked to sell Viagra and porn

Posted by Emma Woollacott

Oxford, UK - Educational websites around the world, including MIT and Berkeley, have been hacked to include links to sites selling products such as Viagra and Cialis.

The hacked sites are falling victim to cross-site scripting and to hackers exploiting loopholes in badly designed and outdated software. Cross-site scripting (XSS) is the injection of code by malicious web users into web pages viewed by other users, and accounts for roughly 80 percent of all documented security vulnerabilities as of 2007. Often, during an attack, everything looks fine to the site owner.

By sneaking a page onto a trusted domain such as a government or educational website, hackers can quickly gain top search engine rankings without the effort of creating their own site.
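Because an affected page can look fine to its owner, a site operator can audit the links its own pages actually serve. The following is an added example, not part of the original article: it flags links carrying the product terms named here and links to external hosts that are not on an allowlist. The domain `example.edu`, the allowlist and the sample page are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Product terms named in the article; the leading \b keeps "specialist" from matching "cialis".
SPAM_RE = re.compile(r"\b(viagra|cialis|porn)", re.IGNORECASE)

class LinkCollector(HTMLParser):
    """Collect (href, anchor text) pairs from one HTML document."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def audit_page(html, own_domain, allowed_hosts=()):
    """Return (href, reason) for links that carry spam terms or leave the site unlisted."""
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for href, text in parser.links:
        host = (urlparse(href).hostname or "").lower()
        external = bool(host) and host != own_domain and not host.endswith("." + own_domain)
        terms = sorted({m.lower() for m in SPAM_RE.findall(href + " " + text)})
        if terms:
            findings.append((href, "spam-term:" + ",".join(terms)))
        elif external and host not in allowed_hosts:
            findings.append((href, "unlisted-external-host"))
    return findings

# Constructed sample page for a hypothetical site example.edu (not taken from any real site).
SAMPLE = """<a href="/courses/">Courses</a>
<a href="/staff/">Cardiology specialist</a>
<a href="https://www.example.org/library">Library partner</a>
<a href="http://pharmacy.example.net/order">Buy Cialis online</a>
<a href="http://tracker.example.com/r?id=1">click</a>
<a href="/~user/www/video/porn-clips">videos</a>"""
```

Run over every page the web server returns, including user home directories and forum posts, the findings give the site owner a review list that does not depend on how the page renders in a browser.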

In the US, victims include MIT, Berkeley and the University of Massachusetts (UMASS). One Berkeley page links to a US site selling Viagra and Cialis called Secure Tabs.

A UMASS page links to a Canadian site called United Pharmacy. The site, which sports a rather fetching picture of a George Clooney lookalike in a white coat, sells Viagra and Cialis. A spokeswoman for the university told TG Daily she knew nothing about the hack and could not comment, but that the university would look into it.

The Massachusetts Institute of Technology (MIT) plays host to dozens of links to porn videos through pages such as mit.edu/~jtorres9/www/torresvideo/porn-hub.

The UK has fallen particularly foul of the hackers, with hundreds of victims including schools and local government websites and forums. Backup Technology and Branded 3 found sites including several infant schools that link to lesbian porn sites.

The phenomenon is potentially very damaging for the organisations concerned, according to Patrick Altoft, director of search at Branded 3. "As soon as these hacks are detected, Google automatically downgrades their search results, so if there's a security hole that website suddenly starts getting fewer visitors. Google wants to protect its visitors so it downgrades that result so fewer people read it," he told TG Daily. "They are talking about bringing in an automatic warning, but they haven't done it yet."

* Update: The University of Massachusetts acted fast to remove the links after we contacted it.