
A UK Department for Transport (DfT) website was caught serving porn earlier today.
The particular DfT subdomain behind the mishap, on most days, provides vital DfT statistics for the public and the department's business plan.
A very British thanksgiving
The UK DfT's charts.dft.gov.uk website was seen serving porn today, as confirmed by BleepingComputer.
In the past, the Charts subdomain has provided business plan documents and vital statistics on various DfT services such as numbers on public transport usage, roadway accessibility times, and driving tests.
Although the site is no longer reachable, as of a few hours ago, visiting charts.dft.gov.uk paved the way for some racy traffic.

The mishap was first spotted by The Crow, which additionally noticed that the entire dft.gov.uk domain was itself made to redirect to a WordPress plugin page, while the Department appeared to investigate the issue.
In our tests, BleepingComputer observed that the official dft.gov.uk website led to a password-protected WordPress page residing at: eu-hauliers.dft.gov.uk.

The dangling… DNS
Although the exact cause of the Charts mini-site serving porn isn't known, it appears the subdomain did have a CNAME DNS record pointing to an Amazon S3 instance.
The offending (NSFW) instance is still up at charts.dft.gov.uk.s3-website-eu-west-1.amazonaws.com, showing illicit content. Fortunately, charts.dft.gov.uk no longer leads there.
What remains unclear is whether this was simply a case of domain hijacking, that is, a dangling AWS S3 instance that the Charts site pointed to was claimed by a threat actor and made to serve adult content, or whether an attacker obtained sufficient access to DfT's registrar's systems and altered the DNS entry for charts.dft.gov.uk.
The second scenario is harder to pull off and would raise some serious questions about how secure the DfT's digital infrastructure is.
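For teams auditing their own zones for the first scenario, the following is an added example, not code from BleepingComputer or the DfT. It classifies CNAME records that point at S3 website endpoints; the example.org hostnames, the responses and the owned-bucket inventory are constructed sample data.

```python
import re

# S3 static-website endpoints use a dash or a dot before the region:
#   <bucket>.s3-website-<region>.amazonaws.com
#   <bucket>.s3-website.<region>.amazonaws.com
S3_WEBSITE = re.compile(
    r"^(?P<bucket>.+)\.s3-website[-.](?P<region>[a-z0-9-]+)\.amazonaws\.com$"
)

def parse_s3_target(cname):
    """Return (bucket, region) if the CNAME target is an S3 website endpoint."""
    m = S3_WEBSITE.match(cname.lower().rstrip("."))
    return (m.group("bucket"), m.group("region")) if m else None

def audit(host, cname, status, body, owned_buckets):
    """Classify one CNAME record from the HTTP response seen at its target."""
    parsed = parse_s3_target(cname)
    if parsed is None:
        return "not-s3"
    bucket, _region = parsed
    # S3 picks the website bucket from the Host header, so the CNAME only
    # works when the bucket is named exactly like the hostname.
    if bucket != host.lower().rstrip("."):
        return "bucket-name-mismatch"
    # A deleted bucket answers 404 with error code NoSuchBucket; the name is
    # then free for any AWS account to register.
    if status == 404 and "NoSuchBucket" in body:
        return "dangling"
    # The bucket exists: confirm it is in our own inventory, not someone else's.
    return "ok" if bucket in owned_buckets else "foreign-bucket"

# Constructed sample data: (hostname, CNAME target, HTTP status, body excerpt).
OWNED = {"docs.example.org"}
RECORDS = [
    ("docs.example.org", "docs.example.org.s3-website-eu-west-1.amazonaws.com.", 200, "<html>Docs</html>"),
    ("charts.example.org", "charts.example.org.s3-website-eu-west-1.amazonaws.com", 404, "<li>Code: NoSuchBucket</li>"),
    ("stats.example.org", "stats.example.org.s3-website.us-east-2.amazonaws.com", 200, "<html>unexpected content</html>"),
    ("www.example.org", "lb-1.example.net", 200, "<html>Home</html>"),
]

def run(records=RECORDS, owned=OWNED):
    return {host: audit(host, cname, status, body, owned)
            for host, cname, status, body in records}

if __name__ == "__main__":
    for host, finding in run().items():
        print(f"{host:22} {finding}")
```

A "dangling" or "foreign-bucket" finding means the DNS record should be removed or repointed before anything else; in a real audit the records and responses would come from a zone export and an HTTP fetch rather than inline tuples.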
This isn't the first time a government website was caught serving explicit content either.
In September this year, U.S. government websites were spammed with Viagra ads and adult content after attackers exploited a vulnerability in the Laserfiche Forms software product, used by multiple government sites.
In July, visitors to major news sites including The Washington Post and HuffPost saw the embedded videos in news stories replaced with porn after the vid.me domain was acquired by a third party.
Access to the main DfT website dft.gov.uk has since been restored. However, the sysadmins appear to have pulled the plug on charts.dft.gov.uk altogether, which is no longer accessible.
BleepingComputer contacted the UK DfT both via telephone and email prior to writing and we are awaiting their response.
