US Treasury branch confirms hack attack

Hacker

Hackers have caused the Bureau of Engraving and Printing (BEP), a part of the US Department of the Treasury, to shut down a number of websites.

The BEP confirmed to IT PRO that the hosting company it uses experienced an intrusion and as a result of the breach numerous websites were affected, including non-BEP sites.

Earlier this week, the Treasury Government Security Operations Centre became aware of the issue and subsequently notified BEP.

"BEP has four internet address URLs all pointing to one public website. Those URLs are: bep.gov; bep.treas.gov; moneyfactory.gov and moneyfactory.com. BEP has since suspended the website," the body explained.

"Through discussions with the provider, BEP is aware of the remediation steps required to restore the site and is currently working toward resolution."

BEP is the largest producer of security documents in the US, printing billions of Federal Reserve Notes for delivery to the Federal Reserve System every year.

According to Roger Thompson, chief research officer at IT security company AVG, the BEP websites had a line of code injected into them.

"Folks should stay away from the sites mentioned until they're cleaned," Thompson warned in a blog.

PandaLabs has also claimed to have come across problems on the US Treasury's sites. Threat researcher Sean-Paul Correll wrote in his own blog post: "We came across an embedded iframe inside of the Department of Treasury website."

Correll explained: "Upon accessing the US Treasury website (treas.gov, bep.gov, or moneyfactory.gov), the iframe silently redirects victims through statistic servers and exploit packs which will carry the victim onto the second stage of the attack."

In Correl's case, the exploit kit determined that Java was the "best method" for infecting his test machine.

Once infected, users' web browsers will start directing them to ads and "other nasty things" like rogueware, the expert added.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.