According to Netcraft, of all the malware hosted on government websites in April 2014, 85% was on .go.th (second-level domain used by the Thai government) domains.
The list of affected sites includes seven belonging to police forces, the Thai Navy, and ones of various other military organizations.
The Navy’s website, for instance, was used to redirect internauts to a Visa phishing page hosted on a Malaysian site. The Malaysian website has been taken down, but the Thai Navy’s site still hoststhe redirection script.
Experts highlight the fact that the .th TLD is the fourth “phishiest.” Netcraft currently blocks 310 phishing sites hosted on .th domains.
As far as the hacked government sites are concerned, it’s unlikely that authorities will address the issue any time soon.
“Cleaning up these attacks is unlikely to be Thailand’s number one priority at the moment — the country has been in a state of paralysis since government elections were obstructed by protesters, and last month, there were concerns that the situation could escalate into civil war,” Netcraft’s Paul Mutton noted in a blog post.