U.S. Auto Safety Watchdog Website Littered With Scam Links

CarComplaints.com finds hundreds of hidden adware links embedded in NHTSA website.

Posted in News

— In an age where trust in the U.S. government is not at an all-time high, the managing editor of CarComplaints.com discovered something that doesn't exactly inspire confidence in the powers that be.

Mike Wickenden accessed the complaint database of the National Highway Traffic Safety Administration and noticed something strange within the text of some complaints. Embedded in the complaint descriptions were malicious links that a user could click and be taken to a known adware website called ServerLogic3.

NHTSA malicious links in complaints Based on what Wickenden saw, the adware links had been on the NHTSA website for 10 years and it wouldn't have been easy for a consumer to know they were about to be scammed.

"The malicious link code also hides the URL that normally shows up in your web browser status bar when you are about to click on a link, so it wasn't apparent to people what they were clicking on," Wickenden said.

After tracking down well over 700 malicious links, Wickenden notified the appropriate authorities. On Thursday, the NHTSA said it had traced the problem to a third-party contractor whose computer had been infected with malware.

Two malware programs associated with ServerLogic3 are Adware.LinkMaker and Hyperlinker. Antivirus firms Symantec & F-Secure found that the malware redirects search queries to a predetermined Web site, connects to a remote system without the user's consent, downloads other adware programs, and tracks browser usage.

The contractor's job was to take complaints submitted by phone or mail and enter those complaints into the safety agency's database. Based on what the government told Bloomberg.com, the problem occurred in 2005 and government experts thought the problem had been solved at that time.

NHTSA said it had removed the infected complaints in 2005, but that they had apparently missed 171 complaints with malicious links that have remained on the website until now. However, even that number is not accurate.

"It's definitely 292 complaints affected that they missed, not 171," Wickenden said.

NHTSA says it will remove and clean all the infected complaints before posting them back on the website. However, questions loom on why this was allowed to occur in the first place and why it took 10 years, and someone outside of government, to discover the dangerous code.

"It's unacceptable for a government agency created to protect the American consumer to instead have such a lack of security as to place those same consumers in harm's way." - Mike Wickenden, managing editor of CarComplaints.com