Florida Government Website Compromised, Set Up to Serve Malware

Florida government website hacked

The official website of the government of Arcadia (arcadia-fl.gov), a city in Florida, has been breached and set up to push a pop-up advertising a video player.

Researchers from Malwarebytes were the first to report the breach. Experts found that the site’s visitors were presented with a pop-up message that instructed them to install VIO Player via the Optimum Installer download manager. Such installers usually try to get (trick) users to install other pieces of software, such as web browser toolbars.

By the time Malwarebytes got to analyze the compromised website, the application served to users had already been removed. However, according to a VirusTotal analysis from around two weeks ago (7/51 detection rate), the file appears to hide a Trojan or possibly a piece of ransomware.

Malwarebytes products detect the threat as Trojan.Agent.ZT.

The administrators of the Arcadia website quickly removed the pop-up from the website after being notified by experts. However, the incident shows that there are a lot of vulnerable government websites, even in the United States.

The problem with government websites is that many users tend to trust them. So if cybercriminals use these sites as a medium to distribute their shady or malicious programs, a lot of people might take the bait.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s