Bug causes Amber Alert page and gov pages to redirect to PORN sites

[Wilhelm]

A number of government webpages were hit by a redirect bug that sends unsuspecting users to hardcore porn sites with disturbing content like bestiality
The Department of Justice's Amber Alert page, as well as Weather.gov were hit
Porn bots may have hit government sites as a way to boost their search rankings

By Annie Palmer 

 

Published: 22:58 BST, 18 April 2018 | Updated: 23:13 BST, 18 April 2018

Several government websites are mistakenly sending users to hardcore porn sites. 

The Department of Justice's Amber Alert webpage, as well as the Department of Commerce's Weather.gov and the National Oceanic and Atmospheric Administration (NOAA) webpages both seem to have been hit by the redirect bug. 

In some cases, it redirects users to porn sites with names like 'schoolgirl porn' and 'girl v dog porn'.    

 

Pictured is a sample of the porn sites that unsuspecting users were redirected to when they visited government websites like the Amber Alert, NOAA and weather.gov webpages

The issue seemed to be resolved on most websites as of Wednesday afternoon, after being spotted on Tuesday evening. 

The bug is particularly crass to have affected the Amber Alert website, as its an alert system used by law enforcement to help find abducted children. 

Porn bots most likely hacked the sites in order to help boost their rankings on Google's PageRank, according to Gizmodo, which first spotted the bug. 

Unverified redirect pages are a common problem across the web.  

PageRank is an algorithm developed by the tech giant that rates webpages based on how many times other sites link to a page. 

When a webpage rates higher on the PageRank system, it's more likely to appear closer to the top of Google search results.  

To an unsuspecting internet user, the bug looks convincingly real. 

To an unsuspecting internet user, the bug looks convincingly real. The Amber Alert page (pictured) displays a fake notification page saying that you're about to visit a third-party site

When you visit the Amber Alert website, it would generate a fake notification page that says: 'You are now leaving a Department of Justice Web site. You are about to access: https://fxporn.pro/'

The notification page even has the Department of Justice logo and the Amber Alert logo.   

Some of the sites affected by the redirect bug were still appearing in Google search results on Wednesday afternoon, but clicking on the link generates a '404' error page. 

As Gizmodo pointed out, the bug is particularly ironic given that FBI director Christopher Wray has called strong encryption on devices an 'urgent public safety issue'. 

Some of the sites affected by the redirect bug were still appearing in Google search results on Wednesday afternoon, but clicking on the link generates a '404' error page

Pictured is a fake redirect page on the National Weather Service website that directs users to a site featuring an 'erotic movie'

This is part of the bureau calls the 'going dark' problem, wherein its hard for law enforcement officials to unlock phones or other devices that have strong security and encryption. 

The bug shouldn't be considered a security flaw, but it could cause unknowing users to download malware or send them to scammy webpages as part of a phishing scam, Gizmodo said.

The notification pages warn users that they're about to leave a government website, but even if the user doesn't click on the page, it'll automatically redirect you to the porn site.  

As of Wednesday afternoon, many of the malicious redirect links weren't working. Instead, they generated a 404 error page (pictured). 

WHAT ARE THE MOST COMMON TYPES OF VIRUS FROM PORN?
There are ten digital STIs that can harm your device when you're looking at adult content, according to computer security firm Kaspersky Lab.

 

These are:

1. Trojans – They might masquerade as innocent programs, but they carry a harmful payload.

2. Drive-by downloads - Cybercriminals look for insecure web sites and plant a malicious script into the code on the pages. These take advantage of any unpatched applications on your computer and infect them automatically

3. Click-jacking – Click-jacking involves tricking someone into clicking on one object on a web page while they think they are clicking on another. Clickjacking can be used to install malware, gain access to a victim's online accounts or to enable their webcam.

4. Tinder bots – These are automatic programs designed to masquerade as real people on a dating site to lure users into clicking on them, with the aim of tricking the victim into disclosing confidential data.

5. Cat-Phishing - This is when cybercriminals pose on dating sites or chat rooms, encouraging people to click on links for live sex chat or adult images.

6. Ransomware - Cybercriminals use 'blockers' to stop the victim accessing their device, often telling them this is due to 'illegal pornographic content' being identified on their device. Anyone who has accessed porn online is probably less likely to take the matter up with law enforcement.

7. Worm - This is a program that replicates, but does not write its code to other files: instead, it installs itself once on a victim's device and then looks for a way to spread to other devices.

8. Pornware – This could be a legitimate program, but might be adware installed by another malicious program, designed to deliver inappropriate content to the victim's device.

9. Spyware - Software that enables an attacker to secretly obtain information about the victim's online activities and transmit it covertly from their device.

10. Fake Anti-virus - Fake anti-virus programs prey on people's fear of malicious software which they believe may have been installed whilst looking at porn.

'Anyone can use this page to redirect someone to another potentially malicious site,' Adriel Desautels, CEO of Netragard, which tests security at a variety of companies, told Gizmodo.

'For example, this could be used to redirect an unsuspecting victim to a site that deploys malware'

'It doesn't really put the DOJ at risk, but it puts people on the internet at risk and oddly seems to be helping the porn industry,' he added.     

It wouldn't be the first time that hackers have planted malware and other viruses on porn sites. 

A recent study by Moscow-based computer security firm Kaspersky Labs found that there are at least 27 variations of PC malware which specifically hunt for credentials to paid adult content websites. 

Attacks on users range from tracking key strokes and stealing passwords to 'click-jamming', which fools people into clicking on one links when they think they are clicking on another.

Malware, ransomware and Trojans are all commonplace throughout adult sites. 

3/10 adults contracted a digital virus after looking at porn