Hacker News new | ask | show | jobs
by mtlsnk 383 days ago
These subdomains/sites are most likely misconfigured in such a way that malicious actors are able to redirect to/host anything they wish.

There was a blogpost here on HN about this, showing that (Roblox/Robux) scams were also seemingly hosted on .gov sites. I can't find that post anymore.

Here is a publication related to what you've found: https://cofense.com/blog/threat-actors-exploit-government-we...
1 comments
justbeingbored 383 days ago
I think you are right. A bunch of them appear to be some sort of redirect attack (I'll have to read that link you posted). In other cases I see the just upload files directly such as: https://www.rld.nm.gov/wp-content/uploads/2025/06/z7ot3u38jf... or in that original link I posted it looks like they took over the entire subdomain somehow.

I have quite a few more examples but they are too explicit to post.

My thought on this matter is, if we can't get this contained now on .gov websites then how will we be able to handle malicious spammers when they fully realize the power of AI driven spam attacks? I think things will get out of control real fast very soon.

link
baobun 382 days ago
I guess at least the EU are lining up to put up an iron curtain once they get all the locals KYCd for EUnet.

https://news.ycombinator.com/item?id=44168134

link