Tuesday, May 4, 2010

US Treasury Sites Reportedly Infected With Malware

It's never a good sign when your federal government - especially the US Treasury - ends up with compromised web sites that are serving up malicious code. So what's going on?

According to security vendor AVG, three domains associated with the Bureau of Engraving and Printing's home page were infected by malware. The three domains have since been taken offline.

Via Yahoo News:

According to Thompson, hackers had added a small snippet of virtually undetectable iframe HTML code that redirected visitors to a Web site in the Ukraine that then launched a variety of Web-based attacks based on a commercially available attack-kit called the Eleonore Exploit pack. 

Still to come are the details behind how the malicious iframe code got placed on the sites. There have been a large number of hosting providers that have been compromised of late, so perhaps these domains were part of the same attack scenario.

No comments:

Post a Comment

Please tell me what you think.