Cory Gunther
We have some bad news if you used the IRS-authorized website eFile.com to prepare your taxes this year. Security researchers say the site was hacked and compromised for weeks, serving up malware alongside refunds.
According to several users on Reddit dating back to March, not to mention security researchers on Twitter, hackers are using the site to target users with a Windows machine and injecting malware on computers.
While filing taxes, users could see a fake “This site can’t be reached” pop-up with a link that delivered malware through a javascript file. And considering the first reports are from mid-March, who knows how long this has been happening. You can learn more from a post by Johannes Ullrich, a security researcher at the SANS Technology Institute.
Apparently, users were getting a pop-up saying the site couldn’t be reached and to update their browsers. Then, unfortunately, a malicious link labeled “update.exe” was ready and waiting for unsuspecting users. We do not know the scope of the hack.
If there’s a silver lining, we’re hearing the eFile website was updated and removed the malware link. However, there’s no telling if the site suffered a more significant breach, which would be bad news. The company’s Twitter account has been inactive since 2020, and the website doesn’t mention the hack in any capacity.
Considering all the sensitive information input during tax season, this entire situation is very concerning. We’ll report back if we learn more.
