Uh, I think the @CDCgov's DNS or servers were hijacked starting in April. I've found a ton of crazy content spewing from … http://immunizationinvestmentsapistage.cdc.gov across Google's Cache, with timestamps leading into late July 😬
Google Webcache backups of the real http://CDC.gov subdomain are redirecting to shady ad networks. http://webcache.googleusercontent.com/search?q=cache:MKxhvvoEJ-MJ:immunizationinvestmentsapistage.cdc.gov/ascii-art-smile.html+&cd=1&hl=en&ct=clnk&gl=us …
Twitter appears to have retracted the domain. May already have hit upstream blacklists — oddly not Google's. The CDC has not cleared the caches through Google Admin, so I question whether they are aware of this breach. The caches rank immunizationinvestmentsapistage[.]cdc[.]gov
I called the CDC's IT and they had almost hung up before I could say the word 'hack.' They kind of an angrily took my contact information, and that was the end of that. Less than a 2 minute call 😬
Going to go out on a limb and say that there are a lot of reasons why the anti-vaxxers and MMS parents are winning the information war. The CDC's domain spewing porn and malware is... icing on the cake.
I reached US-CERT (under CISA at DHS). I have to say they were more helpful, but it sounded like I reached an elderly man who wasn't supposed to be getting these calls. I was again re-rerouted, this time to an email address. I requested to be routed to the new NCCIC. Not good 😬
You can follow @_DanielSinclair.
Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.
Enjoy Threader? Sign up.
Threader is an independent project created by only two developers. The site gets 500,000+ visits a month and our iOS Twitter client was featured as an App of the Day by Apple. Running this space is expensive and time consuming. If you find Threader useful, please consider supporting us to make it a sustainable project.