US Treasury site hit by attack on cloud host
06 May 2010 | 8079 views | 0
A US Treasury Web site has been suspended after its cloud computing host was hacked, redirecting users to a malicious site in the Ukraine.
A total of four URLs - BEP.gov, BEP.treas.gov, Moneyfactory.gov and Moneyfactory.com - pointing to the Bureau of Engraving and Printing Web site were affected, with script injected to redirect users.
According to Roger Thompson, chief research officer at AVG Technologies, who first noticed the attack on Monday, only IP addresses that had not previously visited the Treasury site were targeted, making it more difficult for authorities to track.
In a statement, the Treasury says: "The Bureau of Engraving and Printing (BEP) entered the cloud computing arena last year. The hosting company used by BEP had an intrusion and as a result of that intrusion, numerous websites (BEP and non-BEP) were affected."
The Web site is still suspended.