Experts On Hundreds Of Mega-corp Websites Hijacked

As reported by The Register, more than 240 website subdomains belonging to organizations large and small, including household names, were hijacked to redirect netizens to malware, X-rated material, online gambling, and other unexpected content.

These big names are said to include Chevron, the Red Cross, UNESCO, 3M, Getty Images, Hawaiian Airlines, Arm, Warner Brothers, Honeywell, Autodesk, Toshiba, Xerox, the NHS, Siemens, Volvo, Clear Channel, Total, and more. And it’s all due to the way they were hosted in Microsoft’s Azure cloud.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
July 7, 2020 10:14 am

Leaving domains vacant after any sort of use is a typical slip up by the site owners but this may hopefully highlight the need for extra support by Azure and alike.

Losing control to subdomains may seem like a low impact threat but it can leave damaging consequences, for example when in phishing emails. It can also lose the faith of customers, who see this as an easy issue to fix.

If you see any phishing emails with downloadable attachments from links to any of these firms, it is recommended to avoid them and go via the genuine sites if needed.

Last edited 2 years ago by Jake Moore
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x