When the Megaupload domain names were seized back in January 2012, they were some of the most visited on the internet, with the site’s promotional material suggesting as many as 50 million people a day used them and their services. However those days are long gone, but that doesn’t mean they receive no traffic at all. In-fact, visitors from the past few days have found that despite the US authorities supposedly controlling them, someone has hijacked them and begun redirecting those that do visit to malware and scam sites.
Until recently, domains like MegaUpload and MegaVideo contained merely a large image that says that sites have been seized by the authorities and that the visitor’s IP may be tracked too. However attempting to visit either at the time of writing sees the URL quickly redirect to a random ad-filled page, with some like TorrentFreak even suggesting that malware attempted to hijack their browser upon the transition.
Clearly the US’ Department of Justice (DOJ) has lost control of the domains some how, as if you look at the WHOIS information for the URLs, they list “PLEASEDROPTHISHOST15525.CIRFU.BIZ” as their name server. That could well mean that the domain server used by the DOJ has itself been hijacked.
Considering that organisation is supposed to house some of the best cyber crime fighters in the world, that’s quite a lot of egg on the DOJ’s face.
Kim Dotcom, founder of the Megaupload file locker said in a statement that: “With U.S. Assistant Attorney Jay Prabhu the DOJ in Virginia employs a guy who doesn’t know the difference between civil & criminal law. And after this recent abuse of our seized Mega domains I wonder how this guy was appointed Chief of the Cybercrime Unit when he can’t even do the basics like safeguard the domains he has seized.”
Megaupload isn’t even the only domain affected, as a number of other seized URLs are also pointing to the malicious sites.
Discuss on our Facebook page, HERE.
KitGuru Says: This is a pretty poor show that even a few hours after this was discovered it still hasn’t been fixed. It goes without saying that we wouldn’t recommend visiting any of the mentioned URLs, as there is a very real chance of you being hit with some nasty malware.