Security News > 2020 > May > Now we know what the P really stands for in PwC: X-rated ads plastered over derelict corner of accountants' website

Now we know what the P really stands for in PwC: X-rated ads plastered over derelict corner of accountants' website
2020-05-06 06:03

A forgotten subdomain on PricewaterhouseCoopers' dot-com has been hijacked to host ads for porno websites and apps, neatly demonstrating why you should not neglect your corporate DNS records.

While PwC declined to comment, both Fedulov and El Reg were able to figure out how the subdomain was commandeered and plastered with filthy ads.

At some point, the accountancy goliath let its amyca-dev-node subdomain expire or lapse, allowing a miscreant to register it.

In this case, Ozdemir explained, the miscreant was likely trying to use the reputation of PwC and its dot-com to game Google into ranking the linked-to smutty pages higher in search results, a particularly underhanded form of SEO. "The subdomain tells Google, 'I am the PwC website,' which has a high domain authority for Google," Ozdemir told The Register.

Ozdemir also noted the miscreants had gone to some lengths to keep the caper under the radar, leaving a "Coming soon" page by default on the Azure cloud subdomain, and only placing the naughty ads on separate pages - eg: amyca-dev-node.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/06/pwc_azure_squatting/