US Treasury Sites Serving Malware

US Treasury Department websites are redirecting visitors to malicious websites that attempt to install malware on PCs.

The infection buried an invisible iframe in bep.treas.gov, moneyfactory.gov, and bep.gov that invokes malicious scripts from grepad.com.  The code was discovered late Sunday night and was active up to 12 hours later.

To cover their tracks, the miscreants tailored the attack against only IP addresses that haven’t already visited the Treasury websites. 
Advertisements