Skip to main content
  1. Home
  2. Computing
  3. News

Hackers wiped out this popular tax prep software as filing deadline looms

Fionna Agomuoh
By

The IRS-authorized tax preparation software service eFile.com recently suffered a JavaScript malware attack in the middle of tax season, according to BleepingComputer.

The nefarious JavaScript file has been identified as popper.js and has been observed by eFile.com users as well as by security researchers. The malware is believed to have surfaced on the service around mid-March and has interacted with “almost every page of eFile.com, at least up until April 1st,” the publication added.

Related Videos
SSL error shown by eFile.com (u/SaltyPotter on Reddit).

Encountering this infected JavaScript on eFile.com would likely result in seeing a broken link, which is returned by infoamanewonliag[.]online. Users of the service began discussing the possibility of an attack on Reddit on March 17, noting that an SSL error message they were receiving appeared to be fake.

Researchers confirmed that the errors were indicative of a malware attack, also connecting them to the JavaScript malware file update.js. This file acted in the malware as the cue to make users download the file, and can ultimately vary depending on the browser being used, such as [update.exe – VirusTotal] for Chrome or [installer.exe – VirusTotal] for Firefox.

Having conducted its own research on the malware, BleepingComputer learned that the bad actors orchestrating the malware did so from a Tokyo-based IP address, 47.245.6.91 that was likely hosted with Alibaba. The publication also connected the IP address to the infoamanewonliag[.]online domain, which is also associated with the attacks.

BleepingComputer was able to study a sample of the malware script that was uncovered by the Security research group, MalwareHunterTeam, which was written in PHP. The publication determined that the script is a “backdoor malware” that lets hackers control infected devices remotely. Once infected, the PHP script runs in the background, allowing the malware to connect to a device from a control server every ten seconds to perform whatever nefarious actions the bad actor wants.

Despite the malware being a “basic backdoor,” there is a lot of potential for bad actors to use it for very bad purposes including stealing credentials, or stealing data for extortion, the publication noted.

MalwareHunterTeam criticized eFile.com for not addressing the attack for several weeks. It has since been resolved; however, the extent of its impact remains unknown.

Editors' Recommendations

Topics
The best HP laptops in 2023
HP Spectre x360 13.5 front angled view showing display and keyboard deck.

HP offers several excellent laptop lines that are tailored for professionals, traveling, and student use, and it generally makes great all-purpose laptop models for those who want dependability and performance. HP laptops show up on our best laptops and best 2-in-1s lists, among others. However, picking and customizing an HP laptop can be a confusing process for newcomers, and it's not always immediately clear what differences mark the various HP lines, nor which is the best pick.

Allow us to make the choice easier with our list of the best HP laptops available in 2023, and an explanation of what each model excels at.

Read more
The best laptops for 2023
dell xps 13 9315 review 06

Our expert laptops have tested and reviewed more than 500 laptops over the years, searching for the best of the best. But to earn the crown as the best laptop in 2023, it needs to have it all: gorgeous design, killer performance, a productive keyboard, long-lasting battery life, and much more.

Each of the laptops below has been vetted thoroughly by us here at Digital Trends. Whether it's an affordable Chromebook or a top-of-the-line gaming laptop, they've all been subjected to real-world testing, as well as benchmark and battery tests, to collect data to objectively pit them against each other.

Read more
Hoping for an OLED MacBook Pro? We’ve got some bad news
An Apple MacBook Pro 14 sits open on a table.

If you’ve been waiting for Apple to launch an OLED MacBook Pro, there’s some bad news: it might not come out for another three years. That’s a serious wait considering many of Apple’s rivals have already brought out some of the best OLED laptops on the market.

The news comes from display industry tipster Ross Young, who is well-known for having a solid track record when it comes to Apple leaks. Young tweeted a link to a Reuters article outlining Samsung’s plans for an OLED fabrication plant, adding the comment: “This fab is for 14” and 16” OLED MacBook Pros from 2026.”

Read more