HomeForumsEducation

Hackers plant pages on university web sites

No replies
Wed, 08/18/2010 - 21:47
JaniceT
Offline
Joined: 03/16/2010
Posts:
Printer-friendly versionSend to friendPDF version

Inside university servers, unauthorized pages are planted by hackers. No schools knew that the pages existed on their servers. The pages sent more money and traffic to the hackers, though it doesn’t appear any personal details was breached.

Resource for this article: Hackers plant pages on university websites

Higher education websites host hacker pages

The hack on dot-edu extension sites used departmental websites, student pages, or upload functionality to create these fake pages. These pages appear to be intended to send site traffic to for-profit websites. The links on these college websites helped the hackers improve search engine rankings, also as creating the appearance that the university was endorsing the page. When university webmasters and I.T. departments were contacted, they confirmed that they weren't aware of these websites. As of 3 p.m. Pacific Time Wednesday, many of the universities contacted were already removing these unauthorized pages.

Hacked pages linked to Street Smarts of Ohio

The company Street Smarts is the registered owner of the domain names belonging to the redirected sites and also the unauthorized websites. When called for remark, the phone number listed on the site registration told the caller only “wrong number”. Shortly after the calls for comment, the web sites appeared to be taken offline. In 2008, there was a comparable hack of both government and educational websites. This 2008 hacker attack embedded JavaScript into domains ending in dot-edu and dot-gov that redirected visits to government and educational web sites to one of three pages, or pages that differed only in name -- myhome-loan-expert.com, latest-mortgages-rates.com and creditloansrates.com. Some of the web sites uploaded in this most recent attack on educational sites incorporated an out-of-service phone number in Texas. A search of that phone number revealed, however, hundreds more web sites with this exact very same JavaScript-coded redirect. The code on the redirected and unauthorized online websites appear to be nearly identical in CSS, JS, and HTML. To put it simply, the exact same business likely perpetrated both attacks.

Risk to the student’s personal information

This hack of educational websites tries to make money off phony data and exploits the good name of schools. This security hole does not appear to have released any information. In other words, the hackers could get data in, but apparently could not pull information from the university computer systems. If security holes like this aren’t fixed, though, they can later be used to gain access to details like social security numbers. Security holes like this must be closed very easily, because education is happening a growing number of often online.

The danger lurking within security exploits

A security breach such as this can make it easy for scammers to gather personal details without visitors to the site ever knowing. The webpages created for this attack look very much like legitimate university sites. Identity theft and fraud are both dangers of entering personal info on web sites such as this.

Schools that had their web sites hacked

This is not a complete listing of educational institutions affected by this attack. These are merely 50 schools which were found to have unauthorized pages with a single search. You should do a very extensive search for these unauthorized pages if you are the webmaster or administrator for an educational website.

  1. Beacon University
  2. Harvard University
  3. McNeese University
  4. Northeastern Illinois University
  5. Cornell University
  6. Georgia Tech
  7. The Browning School
  8. Valparaiso University
  9. Los Rios Community College District
  10. East Central University of Oklahoma
  11. Rutgers University
  12. Yale University
  13. University of Texas Medial Branch
  14. Stony Brook University
  15. Saint Xavier University
  16. Hardin Simmons University
  17. Arizona State University
  18. Stanford University
  19. Austin Independent School District
  20. Smith College of Massachusetts
  21. Highpoint University
  22. Rensselaer Polytechnic Institute
  23. Catholic Theological Union
  24. University of Washington
  25. Westminster Theological Seminary
  26. Lake Forest College in Chicago
  27. Southeastern Louisiana University
  28. American Samoa Community College
  29. Columbia College of Chicago
  30. University of Arkansas Fort Smith
  31. UC San Diego
  32. University of Scranton
  33. Piedmont Technical College
  34. Assumption University of Thailand
  35. Chemeketa Community College
  36. Information Sciences Institute at the University of Southern California
  37. University of Tennessee Martin
  38. The City University of New York
  39. Milwaukee Institute of Art & Design
  40. Instituto Guatemalteco Americano
  41. The University of Utah
  42. Juniata College
  43. Ohio State
  44. California State Christian University
  45. Sharif University of Technology
  46. The University of North Carolina at Chapel Hill
  47. Brigham Young University
  48. The University of Arkansas
  49. The University of Virginia

 

‹ Master of Science thesis on documentary credits (help and suggestions) special condition listed on Transfer LC ›
Top