UConn Website Compromise Plugs Malware Download Prompt | Hacked: Hacking Finance
user

UConn Website Compromise Plugs Malware Download Prompt

Introduction

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.


LATEST POSTS

Total Coverage 22nd August, 2017

ChronoPay Looks to Kickstart Bitcoin Adoption in Russia 29th May, 2017

Bugs

UConn Website Compromise Plugs Malware Download Prompt

Posted on .
This article was posted on Monday, 23:42, UTC.

The University of Connecticut’s website was the target of a cyberattack on Sunday, prompting visitors with a dialog box to download a malicious program pretending to be an updated version of Adobe’s Flash Player.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

The official website of the University of Connecticut was the subject of a compromise late Sunday, according to the University’s newspaper, the Daily Campus.

While technical staff claim to have resolved the issue, visitors continued to experience the malware-laced dialog box for “some time”. In an emailed statement to the newspaper, UConn deputy spokesman Tom Breen also stated that it is yet unclear as to how long the problem will linger, noting that “the impact wasn’t uniform” on all Internet service providers.

Notably, Breen added that the University does not see the incident impacting the start of winter intersession classes that commence Monday.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

A DNS Compromise

As revealed by Breen, the website’s DNS records were compromised around 19:15. The exploit occurred after Educause, the non-profit tasked with the maintenance of the DNS records saw the records changed to revert website users to a different location to the server hosting content for UConn’s website.

The exploit also extended to the website’s MX records that link “@uconn.edu” email accounts to the university’s server. Brenn told the publication that this hijack prevented the university’s staff to initially update the DNS records to revert back to UConn’s server rather than the one hosting the malware, with the sticking point being verification via email to authorize changes.

Although officials were eventually able to restore the default DNS records, cached changes ensured that problems persisted for visitors, who will have to wait until every ISP updates the information again.

Speaking to the publication, Breen stated:

Final resolution of the issue depends on the timeouts of various caches, from provider servers all the way down to individual computers.

A spokesperson for UConn wasn’t immediately available at the time of publishing when Hacked reached out for additional information about the compromise.

Featured image from Wikimedia.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

There are no comments.

View Comments (0) ...
Navigation
The team:
Dmitriy Lavrov
Analyst
Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
Jonas Borchgrevink
Founder
Jonas Borchgrevink is the founder of Hacked.com and CryptoCoinsNews.com. He is a serial entrepreneur, trader and investor. He shares his own personal journey on Hacked.com. // -- Discuss and ask Read More
Mate Csar
Analyst
Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
Mati Greenspan
Analyst
Senior Market Analyst at Etoro.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
Rakesh Upadhyay
Analyst
Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
Pamela Meropiali
Account Manager
Pamela Meropiali is responsible for users on Hacked.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
Joseph Young
Journalist
Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
If you thought the year for data breaches was over,…