Another .gov website hacked

Dec 5, 2007 07:46 GMT

Oh God, here's another .gov website (the domain which is supposed to be among the most secure on the web) hacked and infected with porn. Alex Eckelberry, of Sunbelt, wrote on the official blog of the security company that numerous common searches return malicious results, which are meant to redirect users to infected websites. This time, the site affected by the attack is the South Carolina State Library. At the time of writing, the infected pages still exist.

In fact, the entire attack is carried out through a fake porn movie that claims it needs a special codec to start. A pop-up window opens and asks the user to install the file. "Message Box Object Error. Video ActiveX Object Error: Your browser cannot display this video file. You need to download new version of Video ActiveX Object to play this video file. To download and install ActiveX Object click Continue," the error message reads.

The downloadable file is 110KB in size and is called VideoAccessCodecInstall.exe. "On a quick look, looks like a DNS hack," the Sunbelt official wrote on the blog.

In recent days, we have seen an avalanche of such threats on the web, many of them affecting .gov pages. Last Friday, for example, brought the hack of the Transportation Authority of Marin, which was affected by a similar infection.

Usually, the hackers targeting .gov websites attempt to obtain a higher PageRank in Google's or any other search engine's results, so that their pages are displayed every time an ordinary user types a common search query. This way, they can attract more potential victims to the malicious websites and launch attacks on vulnerable systems.

There are numerous ways to stay protected against these attacks. The best solution is to avoid visiting these pages, as they might contain all sorts of infections, such as worms and Trojan horses. If you do reach one of these malicious websites, staying away from the downloads is the most efficient solution. And don't forget to keep your antivirus enabled and up to date with the latest virus definitions. Just in case...