Colleges and Government Websites in Nepal Sell Sex Drugs!

Getting your Trinity Audio player ready…

I hope that educational institutes such as colleges, schools or universities in Nepal (or anywhere as a matter of fact) are into education rather than selling sex drugs. Also, that the government offices do their assigned jobs rather than selling Viagra. The point I am raising here is security issues of educational and government websites in Nepal.

Let’s do a quick search on Google for Viagra (apparently a sexual wonder drug!) within the educational websites in Nepal, which have the names followed by .edu.np. We can do this using [search term] + the ‘site:’ operator + the URL or domain. For educational sites, this would be https://www.google.com/search?&q=viagra+site%3A.edu.np

The search for Viagra in educational website resulted in over 1700 results! I won’t link such sites direct here but present a screenshot. You can do the search yourself too using the search above.

Educational sites in Nepal Hacked

From Kathmandu University to American Language Center – and several schools, colleges universities websites are infected.

Similarly doing a search for Government sites of Nepal shows plenty of infected websites too.

hacked government sites Nepal

Finally doing a search for a .com.np site showed over 178,000 infected web-pages. I would just share screenshot here as well.

hacked business sites Nepal viagra

Why do educational and government websites get exploited so much?

The easy explanation is that weak security in websites (especially quick cheap ones) allow easy access to external attackers. Another reason might also be related to a different reason called SEO (search engine optimization), which is about how Google ranks a website when somebody makes a search for a particular term. It is a common but somewhat mistaken assumption that links from educational or government site provides better ranks in search results. So the practice of inserting codes to ‘bad’ sites in educational or government or any other site with old software is a notorious practice that has been going on for a long time. Some sites may also redirect to potentially bad sites when clicked on search results rather than going to the actual result displayed.

What can be done to improve website security?

Unfortunately, there is no such thing as 100% secured and even biggest websites get hacked. If we do a similar search for overall educational or government sites around the world, the situation is no better. I wouldn’t be surprised if my own site gets hacked someday. But having said that it is upto the website owner or team to ensure that the site is safe for its visitors.

In general, it is a good practice to:

  • Keep the content management system (CMS) or software up-to date on the server and on own computers
  • Use antivirus
  • Not use easy to guess passwords
  • Choose a more secured hosting
  • Backup data regularly
  • Check own site on Google using the ‘site:’ operator. For example viagra site:ku.edu.np or viagra site:.gov.np
  • Never open suspicious files attachments or websites
  • Report websites that are infected to the website owner

Here are some additional references on better web security (don’t worry! these are trustworthy sites and open in new window.)

Suggestions are welcome!


Comments

4 responses to “Colleges and Government Websites in Nepal Sell Sex Drugs!”

  1. Neither Shocked Nor Surprising.

    Pharma Hack can attack even highly secure sites sometimes. In this type of hack the Hacker does not defaces the site or hacks all the pages. They just enter their code in some pages which are ranking high on Google. So it becomes very hard to find them by admin of a site unless the webmaster himself does the Google Search. I have experienced this on my own sites.

    Now. when Highly secure sites can get hacked.. these colleges and university of Nepal don’t consider their website anything more than a Business card and won’t pay single extra rupee to increase security so of course they are going to hacked and They should be hacked i would say… so as to realize that they need to increase the security of their sites.

    1. Thanks for sharing the tips on Pharma hack Tajim. I’ve experienced it too. Perhaps setting up automated alerts might be an option then.

      On other hand, I agree that unless site owners here actually consider their digital presence higher priority, these stuff will be just a matter of geek talks for them. Also I believe web professionals should start explaining in terms of ROI rather than just taking money for presenting an online business card.

    1. indeed shocking that even the major universities can be careless about these things.

Leave a Reply

Your email address will not be published. Required fields are marked *