Seeing NSFW Ads on Government Sites? Here's Why MUO

fortnite skins free generator

Make your link do more. You can also upload html code with an public url. Do you how to get free fortnite skins?

Stumbled across unsuitable adverts on US government websites? You're not alone, but why are spammy adult ads appearing on govt sites?

Only government and public sector organizations based in the United States are eligible to get a .gov domain, which is a sponsored top-level domain administered by the Cybersecurity and Infrastructure Security Agency.

Citizens turn to government sites to find credible information on issues ranging from voting to stimulus checks, and it's safe to assume that the last thing one would expect to see on a government-affiliated webpage is a NSFW (not safe for work, explicit) advertisement for Viagra, or a link to an adult video site.

But that's exactly what's been happening for over a year.

NSFW Ads on Government Sites

As reported by Vice, NSFW ads and links have been spotted on 50 different government subdomains, and it will probably take a while before they are removed.

A simple Google search reveals that a site affiliated with Sandpoint, Idaho, was displaying ads for a supposed Robux generator (Robux is the in-game currency for the popular game platform Roblox).

Vermont Attorney General TJ Donovan's official government website, meanwhile, featured spammy ads for supposed Fortnite skins and V-Bucks generators.

Laserfiche Software Vulnerability

According to cybersecurity researcher Zach Edwards, who first uncovered the issue, government and military sites are hosting NSFW content due to a vulnerability in software provider Laserfiche's content management systems.

The company has contracts with several government agencies, including the Federal Bureau of Investigations (FBI).

The now-patched vulnerability allowed third parties to push files to .gov sites without the site owners' permission. In other words, black hat SEO specialists took advantage of this vulnerability to boost their own sites.

"This vulnerability created phishing lures on .gov and .mil domains that would push visitors into malicious redirects, and potentially target these victims with other exploits," Edwards explained to Vice.

Edwards has been reporting this to affected .gov sites for months and even detailed his findings in a YouTube video, which can be viewed below.

https://www.anrdoezrs.net/links/7251228/type/dlg/sid/UUmuoUeUpU2002829/https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D7T1HBpO_Xlw

Laserfiche Released An Update

In a blog post earlier this month, Laserfiche acknowledged that the vulnerability is being used as an active exploit and released a security update. In addition, Laserfiche released a simple cleanup tool to help affected customers scrub their pages of NSFW content.

The fact that black hat SEO specialists successfully targeted government websites shows how important it is to have proper protection in place.

Keeping content management systems, plugins, and scripts up to date is a must for any webmaster. Security plugins are also a good investment, especially for those who use WordPress.

Related Posts