On a site seemingly abandoned by Nvidia for events, called events.nsv.nvidia.com, a spam marketing operation moved in and posted more than 62,000 AI-generated articles, many of them full of incorrect or incomplete information on popularly-searched topics, like salon or restaurant recommendations and video game roundups.
On the vaccines.gov domain, topics for spam blogs include “Gay Impregnation,” “Gay Firry[sic] Porn,” and “Planes in Top Gun.”
Very bizarre that the article didn’t touch on it.
The comment didn’t explain it entirely but I figured all these domains pointed to a hosted content management system somewhere. Then that domain either expired or it was CNAMEs the whole way down to some “cloud” providers’ default generated DNS (eg
nvidia-hosted-cms.azurewebsites.net). Or they all used the same CMS which had an exploit developed for it.Happened to EA’s Steam competitor before: https://www.bleepingcomputer.com/news/security/ea-fixes-origin-game-platform-to-prevent-account-takeovers/
That makes a lot of sense!
I think it can also basically happen with anything where there’s a DNS record pointing to something not controlled by the same organization. Basically just make sure you keep your DNS records up to date!
(I also added another sentence or two to my earlier comment)