Three US Department of Treasury websites have been compromised to spread malware, a security researcher said yesterday.
The sites belong to the US Bureau of Engraving and Printing, whose primary mission is to produce paper currency for the federal government.
Roger Thompson, chief research officer at AVG, said the attackers injected a malicious IFRAME into the sites, causing visitors to unknowingly be redirected to a hacker-owned site in the Ukraine. The attack site, grepad.com, has previously been flagged as suspicious, according to a StopBadware report.
A spokesperson for the Treasury Department did not immediately respond to a request for comment. It is unclear whether any visitors were infected.
Thompson said bep.gov, bep.treas.gov and moneyfactory.gov are affected.
See original article on scmagazineus.com
U.S. Treasury websites infected with malicious script
Malicious IFRAME used.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
Suntory Oceania’s $30 million IT transformation powers carbon-neutral multi beverage facility
.png&h=140&w=231&c=1&s=0){kind=logo}
Promoted Content
Overcoming the “last mile” problem in AI adoption with Lucid Software
_(23).jpg&h=140&w=231&c=1&s=0)
Partner Content
From hype to value: The AI trends set to shape 2026
_(22).jpg&h=140&w=231&c=1&s=0)
Partner Content
Private 5G powers data-driven mining
Sponsored Whitepapers
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
_(26).jpg&w=100&c=1&s=0)
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
The cloud tipping point
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
