Three US Department of Treasury websites have been compromised to spread malware, a security researcher said yesterday.
The sites belong to the US Bureau of Engraving and Printing, whose primary mission is to produce paper currency for the federal government.
Roger Thompson, chief research officer at AVG, said the attackers injected a malicious IFRAME into the sites, causing visitors to unknowingly be redirected to a hacker-owned site in the Ukraine. The attack site, grepad.com, has previously been flagged as suspicious, according to a StopBadware report.
A spokesperson for the Treasury Department did not immediately respond to a request for comment. It is unclear whether any visitors were infected.
Thompson said bep.gov, bep.treas.gov and moneyfactory.gov are affected.
See original article on scmagazineus.com
U.S. Treasury websites infected with malicious script
By
Dan Kaplan
on May 4, 2010 10:54AM
Malicious IFRAME used.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
Razer unveils hyper-focused productivity laptop – Razer Book 13
Partner Content
A blueprint for rebuilding a resilient enterprise
Partner Content
Next-gen SD-WAN is the key to power and secure the future of remote work
Partner Content
Signs your department is ready to modernise legacy apps
Sponsored Whitepapers
Building a ransomware remediation backup strategy
Forrester's Asia Pacific Predictions 2021 Guide
Adopting a Next-Generation Data Security Approach
How to be a SOAR winner
3 steps to a well-rounded cybersecurity plan
Events
- [Watch]: Cloud-powered innovation to speed your digital transformation in a post-pandemic world
- [On-demand replay] - Insights on cloud economics in the real world
- Corporate Risk and Fraud Detection - How to protect payments from fraud, featuring fireside chat with Bank of New Zealand
- On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
