These days, it seems that it can happen to almost anyone — Web site compromises are really, really out of control, and virtually anyone can be victimized when proper security measures are not taken.
Very recently, another government site became a victim of an SQL injection or XSS attack (possibly enabled by the site’s use of an older Web server application version) — the Web site of the Supreme Court of Nepal.
Figure 1. Screenshot of the legitimate Supreme Court of Nepal Web site, www.supremecourt.gov.np
After being hacked, this Web site was turned into a host for pornographic video (particularly named porno tv).
Unfortunately, this site also included (before being cleaned up) 157 other adult links.
Other than links, the hacked site also displayed a login page that can be used to gather email addresses for possible spam distribution.
Figure 2. Screenshot of the Supreme Court of Nepal after being compromised by hackers
We also observed the injected folder with adult HTML files, as shown below:
Figure 3. Screenshot of indexed folders pertaining to the site
This folder contained the porn files, but did not contain any malware as when we discovered it (it has also been cleaned up now, but we’re keeping an eye on it).
Trend Micro Smart Protection Network protect users from inappropriate content by classifying this site as Pornography, enabling users or administrators to block access to this category of sites.
Note that we have already informed the owners of the said site of our findings and that the site, as of this writing, is already clean.