eFile Tax Return Software Found Serving Up Malware
In the height of tax-return season, a popular tax prep software service leaves a malicious JavaScript file online for weeks.
An IRS-approved software service for filing taxes electronically, eFile.com, was found to be delivering JavaScript malware just at the height of tax-return season.
eFile.com, which was used as a conduit for filing more than 66 million tax returns in 2022, was flagged by users and researchers alike. The malicious file existed on the website for weeks — named "popper.js," it was being loaded by nearly every page on the website.
Suspicions of a "hijacking" of the website first began on March 17 when a Reddit thread raised awareness of the site redirecting users to a fake "Network Error" page. Ultimately, these Reddit users were correct in their suspicions, as researchers found another file named "update.js" that had a fake SSL error message, prompting "users to download next stage payload."
The incident serves as a warning regarding the safety of tax filing services and their cybersecurity due to the highly sensitive information it involves, as well as the fact that the website was compromised for an extended period of time without being resolved.
"Tax filing services and their customers are prime targets for cybercriminals in the peak of their busiest season of the year," said Zane Bond, head of product at Keeper Security, a Chicago-based provider of zero-trust and zero-knowledge cybersecurity software, in an emailed statement. "What should you do when you're up against the deadline to get your taxes filed? Remain cautious and don't make rushed clicks. If you are concerned about the security of any tax filing software you're using, consider using a certified professional or the federal government's e-file site to file your taxes."
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024