TZUTC: -0500
MSGID: 1177.consprcy@1:2320/105 2cb01e41
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
US government vaccine hub, Nvidia events page abused in cyberattack spewing
out AI slop

Date:
Thu, 12 Jun 2025 13:04:00 +0000

Description:
Thousands of AI-generated articles have been posted on major websites.

FULL STORY

Several Nvidia-owned web domains were hijacked to show explicit and
AI-generated content in a spam campaign that also targeted NPR, Stanford, and
US Government sites. 

The Nvidia page, events.nsv.nvidia[,]com has now been taken down, but was
seemingly an events site. The page was taken over and more than 62,000
AI-generated articles were posted, primarily containing incorrect or
incomplete information about popular search topics like video game round-ups
or restaurant recommendations. 

Elsewhere, a domain belonging to the US Department of Health and Human
Services (HHS) advising on vaccines was also targeted, being defaced in a
similar fashion.

WowLazy spam campaign 

Its not clear who hijacked the site or the purpose behind it, since the AI
slop doesnt seem to have a consistent theme or angle. The links in the pages
direct to a nonsense SEO spam page stocks.wowlazy[.]com. 

Much of the content appears to have been apparently explicit, but much was
also entirely mundane - the spam campaign was discovered thanks to a
technologist who was searching for best Portland cat cafes on DuckDuckGo and
was directed to the events.nsv.nvidia[,]com site and a spam page about cat
cafes. 

This isnt the first time that c ybercriminals have hijacked websites in order
to post their own content, but usually this contains some type of malware of
infostealer to gain profit from the spam campaigns - but as far as we can 
see, that wasnt the case on this occasion. 

SEO seems to be a tool that cybercriminals are taking advantage of in order 
to deliver malware (or not) to a wider audience. To mitigate the risk from
this type of attack, users should disable push notifications from sites they
dont know/trust, and be very cautious with unfamiliar links. 

TechRadar Pro did reach out to the CDC, NPR, Stanford, and Nvidia for comment
but havent yet received a response. 

Via 404media

======================================================================
Link to news story:
https://www.techradar.com/pro/security/us-government-vaccine-hub-nvidia-events
-page-abused-in-cyberattack-spewing-out-ai-slop

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 114 206 300 307 317 400 426 428
SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200
SEEN-BY: 396/45 460/58 712/848 902/26 2320/0 105 3634/12 5075/35
PATH: 2320/105 229/426