JC Penney Site Hacked With Porn Redirects

Yesterday, I was searching for some software and Google showed me a listing for the national retailer J.C. Penney.  I was a little curious why J.C. Penney would have a listing for software and when I clicked the link, I was redirected to a porn site!

I'm not sure how this hack works, but the redirects were all on the JC Penney server.  This hack was done on the server itself and wasn't anything that could be done externally.

After a few experiments, I quickly found Google would show one of these hacked redirects in the search results anytime a user searched for JC Penney along with about anything else.  I took a look inside the directory where the redirects were located and found a total of 36,000 of them.  Wow!

It looks like the IT guys at J.C. Penney have cleaned up some of the redirects and redirected them to the J.C. Penney home page.  Funny enough, a lot of the redirects still go to the porn site.  How hard could this be?  Everything is located in one folder.  Why not erase all the redirects and use an entry in the .htaccess file to forward all traffic from this directory back to the home page.

There is a good lesson to be learned.  If J.C. Penney with all its millions of dollars and best of the best IT guys is not safe from being hacked, how safe are me and you?

 

If you enjoyed this post, make sure you subscribe to my RSS feed!

 

 

Tags: , , , , ,

Leave a Reply