Freely subscribe to our NEWSLETTER

Criminals have been using the European Commission’s European School Education Platform to distribute links to malicious websites that include illegal streaming platforms, money, and premium account generators for multiple online services (including OnlyFans premium accounts, PlayStation Network gift cards, Fortnite bucks generators, and Cash App money generators). This is according to recent findings by cybersecurity experts at NordVPN, who noticed the security issue on March 10.

The government-owned website lets schools and other educational organizations create profiles to facilitate finding partners around Europe. Criminals exploited the platform by pretending to be an educational organization and filling their profiles with multiple keywords associated with the illegal content they promote. They also left malicious links at the bottom of the profile.

NordVPN contacted the European Commission regarding the security issue as soon as they noticed it. The EC hasn’t responded yet but managed to delete most of the fake profiles on the website. Nevertheless, it is still a prominent issue because malicious parties have found a new way to exploit the website – by uploading PDF files with malicious links.

By doing this, criminals can take advantage of the high domain rating of governmental websites, rank high on Google searches, and avoid being blocked by search engines for harmful content. An attack like the one on the EC is called blackhat search engine optimization (blackhat SEO). NordVPN researchers noted that Google failed to spot fake profiles and PDF files on the European Commission’s website and ranks them first in the search results.

More screenshots can be provided if requested

"The lack of oversight and proper spam filters on the website can cause damage because people don’t expect anything malicious to be posted on the official website of the European Commission and they feel safe clicking on any links. Malicious links not only lead users to websites where they can be scammed or access illegal content. They can also infect users’ gadgets with dangerous malware, which steals their data or takes control over the entire device," says Adrianus Warmenhoven, a cybersecurity advisor at NordVPN.

This is not the first time governmental organizations have been attacked with blackhat SEO. In the past, a cybercriminal known as "m1gh7yh4ck3r" targeted the World Health Organization and Unesco websites with a similar kind of attack.

"We hope that the European Commission will fix this issue in full as soon as possible by implementing an authentication system preventing criminal interventions. Until then, we highly advise users not to click any links on the European Commission’s European School Education Platform and use anti-malware protection tools (such as an antivirus or NordVPN’s Threat Protection) at all times," says Adrianus Warmenhoven. "It is important to always stay cautious, even if a user is visiting a legitimate and trustworthy website."