Three US Department of Treasury websites have been compromised to spread malware, a security researcher said yesterday.
The sites belong to the US Bureau of Engraving and Printing, whose primary mission is to produce paper currency for the federal government.
Roger Thompson, chief research officer at AVG, said the attackers injected a malicious IFRAME into the sites, causing visitors to unknowingly be redirected to a hacker-owned site in the Ukraine. The attack site, grepad.com, has previously been flagged as suspicious, according to a StopBadware report.
A spokesperson for the Treasury Department did not immediately respond to a request for comment. It is unclear whether any visitors were infected.
Thompson said bep.gov, bep.treas.gov and moneyfactory.gov are affected.
See original article on scmagazineus.com
U.S. Treasury websites infected with malicious script
Malicious IFRAME used.
Add iTnews as your trusted source
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
CommBank creates opportunities for technologists to upskill with frontier AI companies
.jpg&h=140&w=231&c=1&s=0)
Promoted Content
Why resilient communications are becoming critical infrastructure for modern enterprise IT
.jpg&h=140&w=231&c=1&s=0)
Scalable AI solutions: secure delivery
.jpg&h=140&w=231&c=1&s=0)
Partner Content
The hidden economics of AI: Why token usage matters more than you think
Sponsored Whitepapers
2026 Identity Security Landscape
Are Australian organisations as cyber-ready as they think?
Are New Zealand organisations as cyber-ready as they think?
From visibility to execution: Fixing the SaaS management gap
When cyber risk has no clear owner: A practical guide for senior Australian business leaders
iTnews State of Security Breakfast
iTnews State of Data & AI Breakfast
Forrester's AI Forum Sydney
The 2026 iAwards
.jpg&w=120&c=1&s=0)
Integrate 2026
_(1).jpg&h=140&w=231&c=1&s=0)
