Malware

U.S. Treasury websites infected with malicious script

Share

Three U.S. Department of Treasury websites have been compromised to spread malware, a security researcher said Monday.

The sites belong to the U.S. Bureau of Engraving and Printing, whose primary mission is to produce paper currency for the federal government.

Roger Thompson, chief researcher officer of AVG, said the attackers injected a malicious IFRAME into the sites, causing visitors to unknowingly be redirected to a hacker-owned site in the Ukraine. The attack site, grepad.com, previously has been flagged as suspicious, according to a StopBadware report.

A spokesperson for the Treasury Department did not immediately respond to a request for comment. It is unclear whether any visitors were infected.

Thompson said bep.gov, bep.treas.gov and moneyfactory.gov are affected.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.