US Treasury website hacked

06 May 2010

A website operated by the US Treasury was suspended on Tuesday after the site was hacked.

As of today, the website of the Bureau of Engraving and Printing was still down and returning 404 errors after an attack was mounted via the Ukraine. US Department of Treasury websites bep.gov, bep.treas.gov and moneyfactory.gov were taken down after the sites were hit by an exploit that inserted an IFRAME into their source code. The IFRAME pointed to an attack site registered to an Alexey Prokopenko in the Ukraine.

According to PandaLabs, the IFRAME loads one of the Eleonore exploit kits, which then determines the best exploitation method for the browser accessing the site. "Upon accessing the US Treasury website, the IFRAME silently redirects victims through statistics servers and exploit packs which will carry the victim onto the second stage of the attack," said an analysis posted by PandaLabs. "It's still unclear what the original entry point was into the US Treasury website, and I don't suspect that the US Government will release detailed reports about the compromise, but these threats usually make their way onto websites that have outdated server software, Web applications, and/or through Web application security vulnerabilities such as SQL injection".

After infection, a victim's web browser will start redirecting them to advertisements and rogue anti-virus software pages, according to the analysis, posted by Sean-Paul Correll.

"The hosting company used by the Bureau of Engraving and Printing had an intrusion and as a result of that intrusion, numerous websites (BEP and non-BEP) were affected," said BEP spokesperson Claudia Dickens.

The BEP.gov domain is hosted by Network Solutions, while the treas.gov domain is hosted by QDot.
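
A site operator can catch this kind of injection by auditing served pages for frames that point off-site. The check below is an added example, not part of the original article or the PandaLabs analysis; the allowlist, the sample markup and the `attack-site.example` hostname are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts this site legitimately frames content from.
ALLOWED_HOSTS = {"bep.gov", "bep.treas.gov", "moneyfactory.gov"}

def is_allowed(host):
    host = host.lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in ALLOWED_HOSTS)

def looks_hidden(attrs):
    """True if the frame is styled or sized so a visitor would not see it."""
    style = (attrs.get("style") or "").replace(" ", "").lower()
    if "display:none" in style or "visibility:hidden" in style:
        return True
    return any(re.fullmatch(r"[01](px)?", (attrs.get(d) or "").strip().lower())
               for d in ("width", "height"))

class IframeAuditor(HTMLParser):
    """Collects every <iframe> whose src resolves to a host off the allowlist."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = dict(attrs)
        src = a.get("src") or ""
        host = urlparse(src).hostname  # None for relative (same-site) URLs
        if host and not is_allowed(host):
            self.findings.append({"line": self.getpos()[0], "src": src,
                                  "host": host, "hidden": looks_hidden(a)})

def audit(html):
    parser = IframeAuditor()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: two legitimate frames and one injected frame.
SAMPLE = """<html><body>
<iframe src="/media/tour.html" width="640" height="360"></iframe>
<iframe src="http://www.moneyfactory.gov/video" width="640" height="360"></iframe>
<IFRAME SRC="http://attack-site.example/in.php" WIDTH="1" HEIGHT="1" style="visibility: hidden"></IFRAME>
</body></html>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run against the pages the server actually returns, not only the files in source control, since an intrusion at the hosting provider can alter what is served.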
