Three US Department of Treasury websites have been compromised to spread malware, a security researcher said yesterday.
The sites belong to the US Bureau of Engraving and Printing, whose primary mission is to produce paper currency for the federal government.
Roger Thompson, chief research officer at AVG, said the attackers injected a malicious IFRAME into the sites, causing visitors to unknowingly be redirected to a hacker-owned site in the Ukraine. The attack site, grepad.com, has previously been flagged as suspicious, according to a StopBadware report.
A spokesperson for the Treasury Department did not immediately respond to a request for comment. It is unclear whether any visitors were infected.
Thompson said bep.gov, bep.treas.gov and moneyfactory.gov are affected.
See original article on scmagazineus.com
U.S. Treasury websites infected with malicious script
By
Dan Kaplan
on May 4, 2010 10:54AM
Malicious IFRAME used.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
Solving the post-COVID digital access control headache
Promoted Content
New report reveals opportunities to address weak security in APAC organisations
Promoted Content
Why efficient data sharing is vital for effective emergency management
Promoted Content
A 360° view of the cost of data breaches in Australia and how to mitigate them
Sponsored Whitepapers
The ultimate guide to customer IAM
10 questions to ask before you select a Network Performance Management tool
Innovate faster. Why accelerating change is a CIO's biggest challenge.
Unlock faster time-to-revenue using Adobe digital document processes
How Security as Code changes development and deployment for the cloud
