Ask HN: is the California state park website leading to malware?
What do HN readers recommend to 1) stop the problem now, 2) protect the website for the future?
To reproduce:
1. Visit this California parks page: http://www.parks.ca.gov/?page_id=616
2. Notice the highlight text: "go to reservecaliforrnia.com to view available campsites" and see the misspelling with the extra "r".
3. Go to that misspelled domain name. It redirects to "gogetsplendidapps" and/or to prompt to install Chrome extension "Keep Safe Search". Google reports this as malware.
Update: I'm reporting the issue to the real website, and to the real domain name registrar.
What are approaches to terminate the hack website?
What are suggestions for long-term defense against this kind of attack? For example to install software for many users that would have blocked/refused the hack website?
5 comments
[ 3.1 ms ] story [ 26.5 ms ] thread1) correct: reservecalifornia.com
2) incorrect: reservecaliforrnia [dot com]
Note two 'r'
The often only trigger once, when you visit it. And that's it.
I think it is to make it harder for people to report it, as it does not always pop up/redirect. 'maybe it is just your machine, seems ok on my end'
If it were malware, they would have gone ahead and made it a real link