Northern Irish firm Holmes & Moffitt has become an unwitting vendor of dietary supplements.

Unusually for a law firm, it splits its website into five main sections: 'Home', 'About Us', 'What We Do', 'Contact Us', and 'Weight Loss Pills'.




The link takes browsers who came for conveyancing advice but stayed for a fat-shedding miracle to a hacked and amended section of the firm's website. It displays a long, nonsensical screed which reads like Yoda dictating his diet philosophy while having a fit. RollOnFriday does not advise reading it, even though it contains several promising names for indie bands (underlined).



The last time hackers altered a law firm's website it was to sell Viagra. The blackhats have done a far more invasive and professional job this time, although Holmes & Moffitt is only the latest target in the profession. A tech-savvy ex-client recently created a rude clone of an Austrian firm's official site, while last year Olswang staff were fooled into paying scammers tens of thousands of pounds. Last week it was revealed that Burges Salmon's website had been duplicated by conmen who even stole the profiles of some of its lawyers.

Holmes & Moffitt failed to respond to a request for comment.

Comments

Roll On Friday 15 April 16 10:09

I believe what we may have here is script that is essentially gibberish which website developers use to populate test pages, which has accidentally been carried through to the main page.

Anonymous 15 April 16 15:05

Nice try but stick to the lawyering and leave the infosec to the adults. This is just misconfigured cloaking. The hackers set it up so you will see a different page depending on who you are. The web site content managers will see nothing or something in keeping with the rest of the site, so no alarm bells. The punters will see the adverts for the pills with links to dodgy sites where they can be purchased (and your personal and payment details "borrowed" for good measure). Search engine indexers like Google will see a page of gibberish like this; it is basically Bayesian poisoning designed to either get the page listed under relevant search terms or at the very least not get the page flagged as dodgy and thus not end up in various browser and anti-malware products as somewhere you should avoid. In this case the detection code has failed and the punters are seeing the page designed for the search engines.
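
Added example, not part of the comment above or of the original article: a site owner's check for the cloaking the comment describes, comparing what one URL serves to a site editor, a search-referred visitor and a search crawler. The profile names, sample bodies and 0.5 threshold are constructed assumptions; in practice the bodies would come from requesting the same URL with each profile's headers.

```python
import re
from itertools import combinations

# Constructed sample responses for one URL, keyed by the visitor profile that
# requested it (hypothetical profile names; bodies are made up for illustration).
SAMPLE_VIEWS = {
    "site_editor": "<html><body><h1>What We Do</h1>"
                   "<p>Conveyancing, wills and probate advice for clients.</p></body></html>",
    "search_visitor": "<html><body><h1>Weight loss pills</h1>"
                      "<p>Buy slimming pills today, order now at low prices.</p></body></html>",
    "search_crawler": "<html><body><p>Pills garden weight the solicitor loss river "
                      "conveyancing moon diet probate.</p></body></html>",
}

def visible_words(html):
    """Strip script/style blocks and tags, return the set of lowercase words."""
    html = re.sub(r"(?is)<(script|style)\b.*?</\1>", " ", html)
    text = re.sub(r"(?s)<[^>]+>", " ", html)
    return set(re.findall(r"[a-z]{3,}", text.lower()))

def jaccard(a, b):
    """Similarity of two word sets: 1.0 identical, 0.0 nothing shared."""
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)

def find_cloaking(views, threshold=0.5):
    """Return (profile_a, profile_b, similarity) for every pair of profiles
    whose visible text is less similar than the (assumed) threshold."""
    words = {name: visible_words(body) for name, body in views.items()}
    findings = []
    for a, b in combinations(sorted(words), 2):
        score = jaccard(words[a], words[b])
        if score < threshold:
            findings.append((a, b, round(score, 2)))
    return findings

if __name__ == "__main__":
    for a, b, score in find_cloaking(SAMPLE_VIEWS):
        print(f"{a} vs {b}: similarity {score} -> served content diverges")
```

A page that serves every profile the same text produces no findings, so any reported pair is a prompt to inspect the server-side code that picks the response.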