Hackers hijack over 30 US Government domains to promote AI porn

A widespread and disturbing cyber campaign has compromised dozens of U.S. state and local government websites, with hackers exploiting security weaknesses to inject links promoting explicit, AI-generated content and sex applications.

The attack targeted at least 36 government entities spanning approximately 18 states, demonstrating a critical vulnerability in public sector digital infrastructure. Affected sites included domains belonging to state departments of transportation, veterans affairs offices, and even state attorney general websites, all featuring the secure ".gov" suffix.

The method: Exploiting upload and calendar functions

While the exact method of entry is still under investigation, cybersecurity analysts suggest the attackers exploited poorly secured or unmonitored public-facing input forms, such as group calendar functions or content upload portals, to inject the malicious links and content.

By successfully posting the explicit AI content and promotional links on trusted government websites, the hackers were attempting to leverage the sites' high search engine authority (PageRank) to boost the visibility of their illicit AI-porn services.

The compromised pages were found to contain links to AI sex apps, instructions on creating explicit AI deepfakes, and advertisements for AI-produced nude images and explicit chatbots.

Officials from the affected states, including Washington, Kansas, and Nevada, immediately launched investigations and began working with state technology agencies to remove the unauthorized content. In some cases, the ability for users to upload information to group calendars was immediately disabled and the offending IP addresses were blocked.

The AI weaponization trend

This incident is the latest example of malicious actors weaponizing new generative AI technology for illicit activities. This is despite the government enacting laws like the Take It Down Act, which criminalizes the nonconsensual publication of intimate images, including explicit deepfakes.

Experts are warning that the attack points to an urgent need for government agencies at all levels to enhance their web application security, specifically focusing on input validation and content moderation on public-facing sites to prevent them from becoming unwitting hosts for illegal or harmful material.