Meta News

University Websites Serving Pornography Due to Administrative Negligence

Summary: Researchers discovered that prestigious university websites, including Berkeley, Columbia, and WashU, are serving pornography and scams due to abandoned subdomain records.

Elite Universities, Compromised Domains: How Basic Digital Management Failures Led to Pornographic Content Distribution

By Staff | April 2026

An unexpected situation has exposed structural weaknesses in the technological management of some of the world's most prestigious universities. According to recent research, hundreds of subdomains belonging to recognized academic institutions have been seized by malicious actors and used to host pornographic content and scam sites.

Far from being a sophisticated cyberattack, the problem stems from a much simpler—and more concerning—source: poor digital resource administration.

An Extensive and Silent Problem

The finding, made by security researchers, reveals that dozens of universities—including institutions like Berkeley or Columbia—have had numerous official subdomains compromised. In total, an estimated hundreds of subdomains have been exploited, and thousands of associated pages appear even indexed in search engines like Google.

These sites not only display explicit content but, in some cases, redirect to fraudulent pages that attempt to trick users with false virus alerts or payment requests.

The impact is not minor: the prestige of these universities lends an air of legitimacy that facilitates deception and increases the success rate of the attacks.

The Technical Origin: The

Key facts

  • Compromised subdomains from 34 different universities were identified.
  • The problem is due to the failure to delete CNAME records of decommissioned subdomains.
  • Scammers use the reputation of universities to redirect traffic to malicious content.
  • Seized sites hosted explicit pornography or malware scams.

Why it matters

This type of negligence in digital infrastructure poses a serious risk of reputational and financial security for academic institutions. It allows malicious groups to use the credibility of domain names to launch large-scale phishing and disinformation attacks.

Tags:
ciberseguridad universidades secuestro de dominio vulnerabilidad malware

Structured details

  • Industry: cybersecurity
  • Source type: media
  • Claim status: confirmed
  • Verification: claimed_by_source
  • Entities: Columbia University, University of California, Berkeley, Washington University in St. Louis

Source: https://arstechnica.com/security/2026/04/why-are-top-university-websites-serving-porn-it-comes-down-to-shoddy-housekeeping/

Published on