MacHouse video tutorials for Mac search engine optimization Spam database Web Hosting providers Web Hosting review web hosting providers MacHouse Help

June 20, 2008

San Diego State University Website Hacked and Exploited

Filed under: Internet security — Administrator @ 5:56 pm
Posted about 2 years and 2 months ago

anti spam






TOKYO (MacHouse) - San Diego State University has its website at http://sdsu.edu. (See Screenshot 01.) There is a subdomain website at http://www-rohan.sdsu.edu. ROHAN Academic Computing WWW Server seems to be used to host webpages of University’s students and faculty. (See Screenshot 02.) They have a groupware PHP software script called Tiki 1.8.5 - Polaris at http://www-rohan.sdsu.edu/tikiwiki-1.8.5/. (See Screenshot 03.)





sdsu.edu San Diego State University ROHAN Academic Computing WWW Server Tiki 1.8.5
Screenshot 01 - Source: sdsu.edu		   sdsu.edu San Diego State University ROHAN Academic Computing WWW Server Tiki 1.8.5
Screenshot 02 - Source: sdsu.edu		   sdsu.edu San Diego State University ROHAN Academic Computing WWW Server Tiki 1.8.5
Screenshot 03 - Source: sdsu.edu






An organized cyber criminal group appears to have hacked and exploited ROHAN Academic Computing WWW Server. They have installed ill codes/pages so that they can redirect Internet users to other sponsor websites.





sdsu.edu San Diego State University ROHAN Academic Computing WWW Server Tiki 1.8.5
Screenshot 04 - Source: sdsu.edu		   sdsu.edu San Diego State University ROHAN Academic Computing WWW Server Tiki 1.8.5
Screenshot 05 - Source: sdsu.edu		   sdsu.edu San Diego State University ROHAN Academic Computing WWW Server Tiki 1.8.5
Screenshot 06 - Source: sdsu.edu






The cyber criminal group seems to have installed ill codes right under the subdirectory of tikiwiki-1.8.5. So whether you access http://www-rohan.sdsu.edu/tikiwiki-1.8.5/2005/ (See Screenshot 04.) or http://www-rohan.sdsu.edu/tikiwiki-1.8.5/555555555555555/ (See Screenshot 05.), you will eventually end up with similar spam ad content. (See Screenshot 06.)






Click on the button to watch a documentation video. VTC
Click on the button to watch more documentation videos. VTC





********** ********** ********** ********** ********** ********** ********** **********

MacHouse is not funded by tax payers' money. We have limited resources. We also need time to sleep and eat just as others. So we will not act as the International police to contact all victims of website abuse. All you have to do is to subscribe to spam messages and spam posts. If we can, why don't you?







Leave a Reply


You are prohibited from posting comments merely to advertise your website. Please read Rules and About This Blog at the top menu bar for more information.

Because of spam-comment criminals, we are forced to manually moderate every comment that you may post. Your comment will appear only after we review and then approve it. It will take us several hours at most to review it.

Please note that all one-sentence comments will be automatically rejected as an anti-spam measure.

Subscribe without commenting