A bad day for the OSU web

Oregon State University web space hacked

I almost forgot to post this… A few weeks ago, I was meeting with one of my advisees. I wanted to show them something on the OSU Registrar’s web site. When I arrived on the Registrar’s URL, the “Reported Attack Site!” warning appeared in Firefox. It turns out that several high-level OSU sites were hacked and that several were still suffering from residual hack effects.

Regarding sites being designated as containing malware, many sites will still show up as being malware until the services that browsers use to detect malware sites rescan and update oregonstate.edu sites.

Central Web Services web servers were subject to an attack this weekend. Due to this, a number of services have been temporarily disabled to CWS sites, including ssh and ftp access. Personnel are currently working to clean up this incident. Central Web Services hosts oregonstate.edu and many other sites in the oregonstate.edu domain.

For users accessing a web page, you may receive a message that states something similar to: “Warning: Visiting this site may harm your computer…site contains malware”. If you see this visiting oregonstate.edu (the Home Page), the calendar, or the campus map the issue is resolved.