Skip to main content
  1. Home
  2. Computing
  3. News

Hackers wiped out this popular tax prep software as filing deadline looms

By

The IRS-authorized tax preparation software service eFile.com recently suffered a JavaScript malware attack in the middle of tax season, according to BleepingComputer.

The nefarious JavaScript file has been identified as popper.js and has been observed by eFile.com users as well as by security researchers. The malware is believed to have surfaced on the service around mid-March and has interacted with “almost every page of eFile.com, at least up until April 1st,” the publication added.

SSL error shown by eFile.com (u/SaltyPotter on Reddit).
Image used with permission by copyright holder

Encountering this infected JavaScript on eFile.com would likely result in seeing a broken link, which is returned by infoamanewonliag[.]online. Users of the service began discussing the possibility of an attack on Reddit on March 17, noting that an SSL error message they were receiving appeared to be fake.

Recommended Videos

Researchers confirmed that the errors were indicative of a malware attack, also connecting them to the JavaScript malware file update.js. This file acted in the malware as the cue to make users download the file, and can ultimately vary depending on the browser being used, such as [update.exe – VirusTotal] for Chrome or [installer.exe – VirusTotal] for Firefox.

Having conducted its own research on the malware, BleepingComputer learned that the bad actors orchestrating the malware did so from a Tokyo-based IP address, 47.245.6.91 that was likely hosted with Alibaba. The publication also connected the IP address to the infoamanewonliag[.]online domain, which is also associated with the attacks.

BleepingComputer was able to study a sample of the malware script that was uncovered by the Security research group, MalwareHunterTeam, which was written in PHP. The publication determined that the script is a “backdoor malware” that lets hackers control infected devices remotely. Once infected, the PHP script runs in the background, allowing the malware to connect to a device from a control server every ten seconds to perform whatever nefarious actions the bad actor wants.

Despite the malware being a “basic backdoor,” there is a lot of potential for bad actors to use it for very bad purposes including stealing credentials, or stealing data for extortion, the publication noted.

MalwareHunterTeam criticized eFile.com for not addressing the attack for several weeks. It has since been resolved; however, the extent of its impact remains unknown.

Topics
Fionna Agomuoh
Fionna Agomuoh
Computing Writer
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Hurry! The M4 MacBook Pro just got an unheard of discount
Someone using a MacBook Pro at a desk.

The 2024 MacBook Pro with M4 chip hasn't even been out for a month, but it already has its first major discount. Amazon just knocked $200 off the 14-inch configuration, dropping the price to $1,399 from $1,599. While a $200 discount on a MacBook isn't world-shattering, the fact that this laptop is so new makes this an unheard of deal. Let's dive into some other noteworthy aspects of this sale.

Why you should buy the MacBook Pro M4
This specific configuration of the M4 Pro has a 10-core CPU, 10-core GPU, 16GB of RAM and 512GB of SSD storage. The 16GB of RAM is particularly noteworthy, as it's the new standard for Apple. That makes this a better deal than some of the M3 models with 8GB of RAM. This model of course comes with Apple's signature Liquid Retina XDR display on its 14.2-inch screen, and it's ready for Apple Intelligence.

Read more
Google may finally bring back the Pixelbook, but not how you think
google pixelbook i7 price cut amazon

One of Google’s upcoming big projects could be a high-end laptop slated to be the next rival of the MacBook Pro.

An internal email obtained by Android Headlines detailed that Google has greenlit a project for a device codenamed “Snowy.” The email suggests the device is a laptop with premium specifications similar to the Dell XPS, Microsoft Surface Laptop, the Samsung Galaxy Chromebook, and the brand’s largest competitor, Apple’s MacBook Pro. With the project past the concept phase, it would likely be quickly expanded into a viable product under the Pixel line.

Read more
Best early Black Friday deals under $100: Amazon Echo, TVs, headphones and more
The Amazon Echo Pop on a desk.

Update 11/19/24: Black Friday is still over a week away, but you can already start your shopping with the Black Friday deals under $100 that we've gathered here. There's a possibility that these affordable items get even bigger discounts when the sale officially launches, but we won't blame you if you're already tempted by today's prices.

Black Friday will start on November 29, but if you've already got the itch to shop, check out the early Black Friday deals under $100 that we've gathered here. The offers cover smart home devices, laptops, TVs, kitchen gadgets, and so much more, so if you want to start enjoying discounts without blowing your entire budget for the shopping event, take a look at our favorite bargains below.

Read more