This is a story about I stumbled upon a website completely by mistake that had become compromised.
Although you can find websites that are compromised every now and then, they generally aren’t government websites, so I was quite interested to take a look at this site within Ahrefs to see what was going on.
The site in question is tfl.gov.uk. This is a website for Transport for London, which runs the underground service in London, UK.
The way in which the site was compromised was quite interesting.
The attacker had added ads to the site and had added a gigantic list of meme links to the home page of the website. Clicking through to the links would take you to a visual list of memes on different topics, and they would, in turn, link through to different websites.
Looking at the site’s structure, you could see it had quite a few subfolders on various different topics.
I alerted TFL to the issue last week, and they took the offending website down almost a week later. (So my guess is—it was indeed compromised.)
Before it was taken down, I decided to make a quick video on the topic to show you what had happened.
You can check out the video below.
I am not exactly sure why the site was created, but it is interesting to see that a government website can be hijacked in such a public way and used to help rank other content and sites.
Let me know what you think happened or if you have done any more research into it.