University of Illinois Hacked

Friday, May 31, 2013 @ 04:05 PM gHale


Quite a few machines from the Department of Computer Science at the University of Illinois are suffering from malware-serving websites.

Security researcher Conrad Longmore has identified several cs.illinois.edu domains hosted on IP addresses involved in malicious campaigns.

RELATED STORIES
Turkish Hackers Hit a City Website
Domain Registrar Hacked
Indicted: $45 Million in 24 Hours
Ex Programmer Charged with Hacking

The list of affected domains includes tarrazu.cs.uiuc.edu, croft.cs.illinois.edu, tsvi-pc.cs.uiuc.edu, mirco.cs.uiuc.edu, ytu-laptop.cs.uiuc.edu, and node3-3105.cs.uiuc.edu, but there might be others as well.

The IP addresses and the malicious domains hosted on them connect to a malware spam run launched by a cybercriminal group dubbed “Amerika,” said Longmore. Amerika appears to be a Russian group that uses fake U.S. addresses for its WHOIS details.

The University of Illinois told Longmore a single machine from their network ended up compromised and officials cleaned up the device in question.

The Amerika gang is responsible for several spam campaigns, including ones that leverage the name and reputation of Amazon, PayPal, Walmart, ADP, LinkedIn and various other high-profile companies.



Leave a Reply

You must be logged in to post a comment.