Editor's note: this story will be updated regularly as the university releases more information on the topic.
Over the weekend, Wayne State was victim of a scam that left the heading of “cheap Viagra,” “Levitra” and other pharmaceutical drugs plastered on the university’s web server.
Chief Information Officer and Associate President of Computer and Information Technology Daren Hubbard said they discovered on the evening of June 4th that there were reports of search results that inserted links to “some pharmaceutical drugs that are not WSU related.”
He said both the C&IT and the Marking and Communications team worked together to get to the bottom of why pharmaceutical drugs, like Viagra, were popping up on WSU websites.
He said the scam seemed to affect the web server in search engines like Google. They discovered that the older content on WSU’s web server was vulnerable to these types of hacks. Hubbard said WSU was not specifically targeted, but was sought out by a googlebot that was looking for vulnerabilities in web servers.
“No data was lost or stolen during this time,” he said.
C&IT has overwritten the Viagra ads, but they are currently are working on re-indexing the sites that were affected.
“We are monitoring to see when they are all clear,” Hubbard said.
All sites have been or are in the process of being updated, so no pharmaceutical ads show up under the WSU website, he said.
“We have put protection in place so this doesn’t happen again,” he said. “We made sure to isolate it onto a single server, and we are working closely with our team to prevent future vulnerabilities with newer code,” Hubbard said.
This information seems to have been on the mind of WSU for years.
On April 26, 2008, Web Communications Director Nick Denardis wrote how WSU could use Google to search for compromised pages, , according to the WSU’s web communications website.
“As long as your site is not actively selling Viagra, you could potentially get a list of all the pages that a spam bot has exploited to mention and or link to Viagra content,” he wrote.
“Any form left on the web for too long without the proper ‘human’ checks in place before content is published could potentially be exploited. It is a never ending battle, the more interactivity the web gets the more chance a bot can exploit that interactivity for its own use.”
The university will be releasing more information soon about the incident.