The Transportation Authority of the City of Marin County is hacked to pieces, serving malware and porn.
Here’s the website:
But here’s a sampling of what’s actually hidden away there on their servers, which a simple Google search provides (warning: graphic content).
Click on one of those links, and you get redirected to a porn site pushing malware:
Ok, so this happens and we see it all the time. I contacted them today by email, but another security researcher here also tried vainly to contact them yesterday. As she tells me “I sent them 2 emails and left a message on their voice mail at the number on the site. They have not responded and the site is still hacked up the ying-yang today.”
Here’s a suggestion: If you have a public facing site, make it easy for people to contact you. And read the emails when they come in.
We had better luck today with a government agency. We emailed the contact, and were provided with a phone number. A pleasant call was had, and they are working to clean their site (the only problem being the site is hosted somewhere else). But at least we got someone.
Alex Eckelberry