Friday, February 28, 2014

Website of U.S. Commission on International Religious Freedom Hacked, Malware Found [Updated Again]

UPDATE: As of Friday morning, access to the site was no longer blocked.  But the diagnostic page with the detail of the intrusions remains.
UPDATE 2: I received an email back from the USCIRF explaining the problem:

Thanks for your inquiry we have been migrating the site to a new design and there was a problem with a redirect that triggered the Google alert. The redirect has been corrected and alert is removed.

    From Obamacare's contraception mandate to Arizona Governor Jan Brewer's recent veto of her state's Religious Freedom Restoration Act, many feel that religious freedoms are increasingly under attack.  The attacks took on a cyber-twist this week with a hacking attack on the website of the United States Commission on International Religious Freedom.   The attack was deemed serious enough that Google has blocked access to the site from its Chrome browser; instead, the following screen appears:

    Google provides a detail of the attacks that the company has detected which prompted the warning. Google testing revealed that visiting "27 page(s) resulted in malicious software being downloaded and installed without user consent."  Google found malicious software on the site, including a "trojan" of which it is reported that "Successful infection resulted in an average of 3 new process(es) on the target machine."

    There is some ambiguity in Google's warning as the statement "this site has not hosted malicious software over the past 90 days" also appears.  This may be a reference to third-parties being responsible, as well as hackers using the site to "function as an intermediary" to infect other sites.

No comments:

Post a Comment