Your Fly Is Open

Netmenaces and Other Internet Stupidity

Partly Cloudy With a Chance of a Colon Clense

2016-05-10 1 min read attacks

Let’s talk about one of the lesser known dangers of running a website with an open redirect, shall we?

Apparently, the folks over at the National Weather Service have an open redirect that the Search Engine Optimization (SEO) scammers have latched onto. Either that, or the fine folks at the NWS have areas of interest that go way beyond cloud formations, humidity, and precipitation.

This Google search finds all sorts of interesting stuff that the NWS is SEO boosting…

NWS Redirects

-TL
Tom Liston
Owner, Principal Consultant
Bad Wolf Security, LLC
Mastodon: @tliston@infosec.exchange
Twitter: @tliston
May 10, 2016

UPDATED: I’ve found a few more .gov sites with redirects that are being used by SEO scammers:

  • Here is one for www.weather.gov (which appears to just be the same NWS site as above)
  • Here is another one that continues the “weather” theme - aviationweather.gov
  • Here is one for the National Highway Transportation Safety Administration
  • Here is one for The Commodity Futures Trading Commission
  • Here is one for the town of Cedar Park, TX
  • Here is one for the town of Knightdale, NC
  • Here is one for the town of Costa Mesa, CA

(Is there some crappy template for “city” websites somewhere?)