• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Brazilian Government Websites Hacked with Spam

June 23, 2010David Dede

FacebookTwitterSubscribe

In the last few months we’ve been tracking a common technique being used by attackers: They hack a web site and use that as part of their link farm to build page rank for them on search engines. We posted many articles about similar spam issues in the past.

Recently, we’ve started to notice a lot of government web sites from Brazil in this list.

Some are fairly big sites:

http://www.ibama.gov.br – Environmental Ministry
http://www4.planalto.gov.br – Old Presidential Web site
http://www.inmetro.gov.br – Quality control ministry
http://www.cnen.gov.br – Nuclear Energy Commission
http://www.fazenda.sp.gov.br – Treasury from the state of Sao Paulo
http://inpa.gov.br – Amazon research institute
http://www.jfal.gov.br/ – Alagoas Federal Justice
http://inep.gov.br
http://ww.fundacentro.gov.br
http://www.eletrosul.gov.br
http://www.amprev.ap.gov.br
http//www.cvs.saude.sp.gov.br/
http://www.faetec.rj.gov.br
http://www.comprasnet.ba.gov.br
http://www.al.rs.gov.br
http://cmnovasoure.ba.gov.br


The list goes on and on. These sites have been hacked and the attackers added links to buy Viagra, “Cialis” and other spam on them. In fact if you search on Google for “viagra” on the .br sites you will see all of them:

SPAM on .gov.br sites

Spam on .gov.br

I think you get the drift with all the references to Inmetro, Ibama, Eletrosul, etc. What’s more scary than the SPAM itself, is that these sites are hacked and nobody is noticing it or taking any action to clean them up. Some of them are even blacklisted by Google and serving malware (like the fazenda.sp.gov.br/noticias/fazenda/):

Even the old Presidential web site (planalto.gov.br) is full of SPAM on it:

If you’re interested in researching more infected sites, do a Google search for “viagra soft” inurl:.gov.br or “cialis” inurl:.gov.br. It’s very easy to spot, and it’s a shame that no one is doing anything to take back control of their web properties. Our scanner can also easily identify these:

We’re continuing our research and will update as soon as we have a clearer picture of the scale of infected sites.


If your site has been hacked (or has spam / malware), and you need help, send us an email to support@sucuri.net or visit our site: Sucuri Security. We can get it cleaned up right away.

Also, consider checking out our site security monitoring. We will monitor your sites 24×7 and alert you if it ever gets infected with malware, hacked or blacklisted.

FacebookTwitterSubscribe

Categories: Website SecurityTags: Hacked Websites, SEO Spam

About David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Sucuri Sidebar Malware Removal to Signup Page

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2023 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.