Department of the Treasury Website Rigged to Exploit Visitors
The website of the U.S. Department of Treasury Bureau of Engraving and Printing (BEP) was compromised by unknown attackers, who rigged it to infect visitors with malware. A malicious IFrame loading exploits from a third-party domain was injected into the index page.
The hack was discovered sometime on Sunday evening, but the affected website remained accessible for most of yesterday. While it was still online, the website could have been reached via three separate URLs: bep.treas.gov, bep.gov and moneyfactory.gov.
AVG was one of the first security vendors to report
the compromise, through the voice of its Chief Research Officer, Roger Thompson, who revealed that a malicious IFrame was injected into the government website. "This iframe is used to silently load one of the elenore exploit kits main URL’s, which in turn determines what’s the best available exploitation method for the browser accessing the site," security researchers from Panda Security, who also analyzed the attack, explain