NASA web site hacked and serving malware/spam

Some sites under NASA’s Jet Propulsion lab ( http://jpl.nasa.gov/ ) have been hacked and are being used on the infamous blackhat SEO Spam network. Not only that, but they are also serving malware to unsuspicious users.

The sites in question are http://ki.jpl.nasa.gov/, http://aviris.jpl.nasa.gov/ and a few others. Most of these malicious pages are well hidden in the site, for example at http://aviris.jpl.nasa.gov/cgi/ch/.cache/levitra-drug-impotence:

NASA with spam

You can also search on google for “cialis canada inurl:nasa.org” to find a few more pages and sites infected:

NASA Spam on google

We will post more details once we have it. Hopefully they will fix it pretty soon.

Update 1: http://esc.gsfc.nasa.gov/ seems to be hacked as well


Is your site hacked with spam or malware? Visit http://sucuri.net to find the solution for it.

Scan your website for free:
About David Dede

Sucuri Security bot (crazy work) - Malware research updates, sucuri news and more.