/>
X
Innovation

US Treasury web pages hacked, taken down

Three US federal web pages have been hacked, and subsequently taken down, according to antivirus company AVG.The Bureau of Engraving and Printing at bep.
Written by Tom Espiner, Contributor on

Three US federal web pages have been hacked, and subsequently taken down, according to antivirus company AVG.

The Bureau of Engraving and Printing at bep.gov and bep.treas.gov, and Treasury website moneyfactory.gov, were hacked to serve a malicious iframe, Roger Thompson, AVG's chief research officer revealed in two blog posts on Monday.

Thomson told ZDNet UK on Tuesday that the malicious iframe code had been embedded in the pages to take unsuspecting users to a landing page called grepad, which then sent the user to attack sites. Users only had to click on the treasury sites to be taken to the malicious sites.

Once users were at the malicious sites, the sites attempted to upload various exploits from the Eleonore exploit pack, including a downloader, a rootkit, a keylogger, and a remote access Trojan.

"It's rare for Federal sites to get nailed," said Thompson, who added that the sites had been taken offline.

The US Treasury had not responded to a request for comment at the time of writing.

Editorial standards