The website of the Harvard Law School National Security Journal (harvardnsj.org) has been compromised. The attackers are abusing the site to promote various rogue pharmacies.
Privacy researcher and activist Christopher Soghoian is the one who first realized that the website of the National Security Journal had been hacked. Soghoian said he alerted Harvard of the breach last month. However, the site still hasn’t been cleaned up.
The expert has published a screenshot of the website with Java script turned off. The image shows that hidden links pointing to Canadian pharmacy websites have been inserted into almost every sentence in Volume 5, Issue 1 of the Harvard National Security Journal.
By injecting the links into the Harvard Journal’s website, the hackers are optimizing their sites by creating backlinks to them. This is a common Black Hat SEO tactic.
The source code of the website looks something like this:
The source code shows that the spammers are trying to promote dozens of domains containing words like “Viagra” or “Cialis.”
A Google search shows that the same links that have been injected into harvardnsj.org can be found in at least 300 other websites.
I’m trying to get in contact with Harvard National Security Journal administrators to see if they can comment on the incident. This post will be updated if they reply to my inquiry.
Update. Harvard representatives have provided the following statement:
“Yes, we are aware of the problems and have been for several weeks. This is obviously very distressing to us.
The web experts at Harvard have been looking into the issue since we became aware of the problems, but despite their efforts, they have yet to resolve the issues. This is an on-going process, and we hope to have this resolved very soon.”