Betting houses, casinos, pornography platforms and other criminal organizations’ websites are taking advantage of security breaches in public authority websites to appear in Google searches. City halls, universities, Fire Departments and other organizations appear to be affiliated with the pages even if there is no official affiliation.

Seems like, HEexecution is a result of exploiting a vulnerability in the structure of legacy pages. A simple search for the terms “tiger game” or “betting” already reveals some of the official pages affected by the vulnerability.

When clicking on one of the links added by Google, the user is redirected to the official page, but then redirected to the malicious website.

AND It’s impossible to count how many official platforms are affected by the issue and for now there is no official investigation into how many portals are affected.

HE TecMundo investigated the issue and found pages containing domain names linked to betting sites from the Federal University of Rio de Janeiro (UFRJ), the city hall of Governor Edison Lobão (MA), and the Acre Fire Department.

What does space consist of?

Such attacks are colloquially called “falrif”. (“deformity” in Portuguese). The practice basically involves changing the appearance of a website through server injections.

It’s unclear what loophole was exploited to affect so many sites with official domains, and it’s likely multiple flaws were exploited to affect so many pages. According to cybersecurity expert Renato Borbolla we interviewed TecMundoThere are several methods.

“It could be due to a security vulnerability. [nos servidores] or that [cibercriminoso] You may have received a leaked credential from a web server reserved for maintenance, page creation, or administration. With this, pornography, gambling or another fake structure is established. phishing, but it is linked to the ‘gov.br’ website,” Borbolla said.

But the goal is clear: abuse the relevance and authority of these pages in Google rankings This Leverage user trust On official domains to attract visitors.

HE

“They take advantage of this: using the government website displayed at the beginning of a Google search and using SEO and Google Analytics strategies to create meta tags and appear in response to searches,” explained the expert.

To carry out this defacement of the website, the attacker doesn’t even need administrative credentials. It just needs to find and exploit the loopholes available on the servers and add its own address, thus taking advantage of the relevance of URL addresses.

According to website Soil, Most of the affected websites are from town halls. On the portal, I heard Maria Alexandra da Cunha, technologies and governments coordinator at the Center for Public Administration and Government Studies at Fundação Getúlio Vargas, say: mentions that these pages often do not have good protection against such vulnerabilities That’s why they become easy prey.

Infestations in droves

Only an in-depth investigation of infestations can trace the path to the perpetrator of criminal injection. However, for now, this issue has not been investigated by the authorities.

However The abundance of such infestations shows that users should be careful with the links they find on the internet., even if it is state domain. It is important to check whether the page in question is official or not using different methods.

Clicking on links is usually harmless, but it's important to be careful when giving out personal information.  (Image: Igor Almenara/TecMundo)

“Security today is a utopia, but we are trying to make the attacker’s attempts to infiltrate as difficult as possible,” Borbolla said. “The biggest problem is that ‘security’ is seen as an expense rather than an investment,” he argued.

Borbolla pointed out that removing a fake page is not such a simple task. Since the page has a government domain, an in-depth investigation is required to understand the legitimacy of the infestation, its origin, and proper cleaning of the server.

What are the risks of accessing a fake page?

In most cases, clicking on one of these pages does not pose any danger. Since these pages promoting betting sites or pyramid schemes are purely for advertising purposes, they should not pose a threat to a computer with a properly updated operating system. But this does not mean that you should be careless.

“The risk of both data loss and financial loss is great for the user in cases such as providing credit card information or Pix transfer,” the cyber security expert said.

Fraud

In any case, this It is important to pay attention to the pages accessed there. and avoid clicking on download links. Rogue pages like this can take advantage of this route to actually invade the victim’s computer.

Other side

HE TecMundo Governor Edison Lobão’s city hall contacted the Acre Fire Department and UFRJ consultants. Neither organization had responded to the lawsuit with responses by the close of this article.

The report also contacted Google, which has yet to comment on what happened. The text will be updated if government bodies and big tech comment on the issue.

Source: Tec Mundo

Previous articleGet the great iPhone 12 for only 300 euros with this crazy Amazon offer
Next articleAshley Madison: Remember the scandalous data leak from the cheating site
I am a passionate and hardworking journalist with an eye for detail. I specialize in the field of news reporting, and have been writing for Gadget Onus, a renowned online news site, since 2019. As the author of their Hot News section, I’m proud to be at the forefront of today’s headlines and current affairs.

LEAVE A REPLY

Please enter your comment!
Please enter your name here