Ukrainian hackers seized control of two CheckFree Web domains on Tuesday and redirected users to a Web address that tried to install malware on visitor desktops.
The breach in the bill payment site was first reported by UK techwire the Register. The unknown assailants had control of the domain for almost five hours. It is not known how many CheckFree customers - and banks who rely on the company's bill payment interface - were caught out by the attack.
CheckFree spokeswoman Melanie Tolley says users who visited the sites during the attack would have been redirected to a blank page that tried to install malware.
"The degree of exposure to users is dependent on how current their anti-virus software is and what browser they used to connect with," Tolley told the Washington Post, adding that the company will release more information about the attack as it becomes available.
Company employees have been deployed to warn customers that they may have visited a malicious website and to check their anti-virus controls.
It appears the assailants pulled off the spoof by stealing the user name and password needed to make account changes at the Web site of Network Solutions, CheckFree's domain registrar.
Online payment site hijacked by notorious crime gang - The Register
Hackers hijack large e-bill payment site - The Washington Post