A United States Department of Labor website has been infecting malware on visitors' computers through drive-by download attacks.
The page at issue, the Site Exposure Matrices (SEM) page, contains information on toxic substances at U.S. Department of Energy facilities. This page included a code placed by hackers that redirected users to other pages in the DoL system. Once redirected, malware was installed on the user’s computer.
If a certain Internet Explorer patch is not installed on the user’s computer, the computer becomes infected and communicates with machines controlled by hackers.
This type of attack is known as a “drive-by download.” A user only has to visit a website in order for the user’s computer to become infected.
Many feel that the government should take the lead on insuring against these sort of security issues. The webpage at issue has been disabled.
