California · Ars Technica
Why are top university websites serving porn
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
◌ Single Source
Websites for some of the world’s most prestigious universities are serving explicit porn and malicious content after scammers exploited the shoddy record-keeping of the site administrators, a researcher found recently.
Key facts
- Subdomains such as hps://causal.stat.berkeley.edu/ymy/video/porn-girl-and-boy-ej5210.html, hps://conversion-dev.svc.cul.columbia[.]edu/brazzers-gym-porn, and hps://provost.washu
- In all, researcher Alex Shakhov said, hundreds of subdomains for at least 34 universities are being abused
- The sites included berkeley.edu, columbia.edu, and washu.edu, the official domains for the University of California, Berkeley, Columbia University, and Washington University in St. Louis
- Inquiries sent to UC Berkeley, Columbia, and Washington University didn’t receive responses before publication
Summary
The sites included berkeley.edu, columbia.edu, and washu.edu, the official domains for the University of California, Berkeley, Columbia University, and Washington University in St. Louis. In all, researcher Alex Shakhov said, hundreds of subdomains for at least 34 universities are being abused. Shakhov, founder of SH Consulting, said that the scammers—which a separate researcher has linked to a known group tracked as Hazy Hawk —are seizing on what amounts to a clerical error by site administrators of the affected universities. With that, they have now hijacked that university’s subdomain. The root cause is simple: organizations create DNS records and never clean them up.