Major US university websites hacked to show Fortnite spam

Criminals are aiming to steal Fortnite user accounts, and is using websites belonging to American universities to do so.  A new report fro...

Criminals are aiming to steal Fortnite user accounts, and is using websites belonging to American universities to do so. 

A new report from BleepingComputer claims to have found an ongoing phishing campaign leveraging compromised websites belonging to Stanford, MIT, Berkeley, UMass Amherst, Northeastern, Caltech, and other universities.

Tipped off by Twitter user g0njxa, the publication says that there are multiple websites, powered by TWiki or MediaWiki (content management systems and web app platforms), that are hosting Fortnite and gift card spam sites.

No free lunch

Apparently, someone managed to compromise these websites and upload wiki pages that promote fake websites that offer free gift cards and free Fortnite in-game currency, among other things. 

Visitors that click the links promoted on these pages will see a login form mimicking Fortnite. Should they try to enter their credentials, they’d give them directly to the attackers. 

“Are you an avid Fortnite player looking for the most efficient way to get your hands on V Bucks? If so, you've come to the right place!” one of the malicious pages reads.

Besides university sites, some government websites were also abused for the same purpose, the publication claims, mentioning mini-sites hosted by a Brazilian state government, as well as European Union’s Europa.eu. In the latter’s case, the Europass e-Portfolio service (a job search portal) seems to have been leveraged. 

Aside from BleepingComputer, no cybersecurity researchers have yet joined the investigation, it seems. At the moment, we don’t know who is behind the attack, or if they used any malware, or leveraged any zero-day vulnerabilities, to compromise these websites. The publication says that MediaWiki released security updates last month, but none of those addressed this campaign.

System admins operating MediaWiki and TWiki sites should run a search on their sites for malicious content such as “gift card”, “Fortnite”, and similar. 

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/K4UvazF
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,183,Video,5,XIAOMI,13,YouTube - 9to5Google,182,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Major US university websites hacked to show Fortnite spam
Major US university websites hacked to show Fortnite spam
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2023/04/major-us-university-websites-hacked-to.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2023/04/major-us-university-websites-hacked-to.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy