It’s tax season in the United States. Normally the most worrisome part of paying taxes is figuring out who counts as a dependant or whether or not you’re technically a contractor. But a recent issue with the free filing service eFile.com, authorized and tacitly endorsed by the IRS, has added a whole new layer of stress to filing your taxes. Security researchers found a malicious JavaScript file spreading malware on the site itself.
According to a report by BleepingComputer, several Reddit posters saw odd but familiar behavior when they went to eFile.com (which is a separate, for-profit tax company, despite the identical name to IRS eFile). If you’ve been on the web long enough, you’ve seen something similar: The JavaScript file shows a dummy error page and instructs users to download a browser update, which in fact is a load of malware, specifically a Windows-based botnet program. The downloads are successfully spotted and neutralized by at least some antivirus programs, driving home the need to keep your PC protected.
BleepingComputer, MalwareHunterTeam, and other security researchers have confirmed that at least some pages on eFile.com were compromised with the JavaScript loader. The issue was present on eFile.com as far back as March 17th of this year, and as of the time of writing, does not appear to be fixed. Despite being alerted by multiple parties, eFile does not seem to have made a statement on the subject.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
