Security News > 2023 > April > University websites using MediaWiki, TWiki hacked to serve Fortnite spam
Websites of multiple U.S. universities are serving Fortnite and 'gift card' spam.
BleepingComputer confirmed the malicious campaign was live, and had targeted additional scholastic websites including that of the University of Michigan.
These websites appear to be running either TWiki or MediaWiki-the latter being a CMS platform that powers Wikipedia and multiple Wikimedia websites.
Although the malicious campaign has primarily targeted university websites built with MediaWiki, it seems some government websites were also hit by same threat actors.
Eu's case, it appears spammers are abusing the Europass e-Portfolio service-a job search portal that enables prospective European residents to create and upload their CVs and cover letters as PDFs:. It remains unclear what exploit are threat actors leveraging to upload spam pages and PDF documents to websites belonging to legitimate organizations.
MediaWiki and TWiki sysadmins should sweep their websites for spam and malicious content, especially resources containing keywords like 'gift card,' 'Fortnite,' etc.