Three US Department of Treasury websites have been compromised to spread malware, a security researcher said yesterday.
The sites belong to the US Bureau of Engraving and Printing, whose primary mission is to produce paper currency for the federal government.
Roger Thompson, chief research officer at AVG, said the attackers injected a malicious IFRAME into the sites, causing visitors to unknowingly be redirected to a hacker-owned site in the Ukraine. The attack site, grepad.com, has previously been flagged as suspicious, according to a StopBadware report.
A spokesperson for the Treasury Department did not immediately respond to a request for comment. It is unclear whether any visitors were infected.
Thompson said bep.gov, bep.treas.gov and moneyfactory.gov are affected.
See original article on scmagazineus.com
U.S. Treasury websites infected with malicious script
Malicious IFRAME used.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
Australian organisations must act on security – or risk AI ambitions falling flat
.png&h=140&w=231&c=1&s=0)
Partner Content
AI and quantum computing widen the machine identity security gap
Partner Content
Logicalis APAC CIO Report: The CIO’s 2025 Mandate
.png&h=140&w=231&c=1&s=0)
Partner Content
Machine identity a key priority for organisations’ security strategies: CyberArk
Sponsored Whitepapers
.png&w=100&c=1&s=0)
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
