Skip to main content

Hackers wiped out this popular tax prep software as filing deadline looms

The IRS-authorized tax preparation software service eFile.com recently suffered a JavaScript malware attack in the middle of tax season, according to BleepingComputer.

The nefarious JavaScript file has been identified as popper.js and has been observed by eFile.com users as well as by security researchers. The malware is believed to have surfaced on the service around mid-March and has interacted with “almost every page of eFile.com, at least up until April 1st,” the publication added.

SSL error shown by eFile.com (u/SaltyPotter on Reddit).
Image used with permission by copyright holder

Encountering this infected JavaScript on eFile.com would likely result in seeing a broken link, which is returned by infoamanewonliag[.]online. Users of the service began discussing the possibility of an attack on Reddit on March 17, noting that an SSL error message they were receiving appeared to be fake.

Recommended Videos

Researchers confirmed that the errors were indicative of a malware attack, also connecting them to the JavaScript malware file update.js. This file acted in the malware as the cue to make users download the file, and can ultimately vary depending on the browser being used, such as [update.exe – VirusTotal] for Chrome or [installer.exe – VirusTotal] for Firefox.

Having conducted its own research on the malware, BleepingComputer learned that the bad actors orchestrating the malware did so from a Tokyo-based IP address, 47.245.6.91 that was likely hosted with Alibaba. The publication also connected the IP address to the infoamanewonliag[.]online domain, which is also associated with the attacks.

BleepingComputer was able to study a sample of the malware script that was uncovered by the Security research group, MalwareHunterTeam, which was written in PHP. The publication determined that the script is a “backdoor malware” that lets hackers control infected devices remotely. Once infected, the PHP script runs in the background, allowing the malware to connect to a device from a control server every ten seconds to perform whatever nefarious actions the bad actor wants.

Despite the malware being a “basic backdoor,” there is a lot of potential for bad actors to use it for very bad purposes including stealing credentials, or stealing data for extortion, the publication noted.

MalwareHunterTeam criticized eFile.com for not addressing the attack for several weeks. It has since been resolved; however, the extent of its impact remains unknown.

Fionna Agomuoh
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
Here’s your chance to win this Gigabyte gaming laptop — a $1,300 value
GIGABYTE 16" Gaming Laptop Giveaway

I remember the days when a gaming laptop, or any laptop really, couldn't hold up against the power and performance of even a low-grade desktop PC. Not that I'm saying I'm older -- I'm middle-aged -- but there was definitely a time when laptops were not what you wanted to use for gaming unless you absolutely had to. That's no longer the case. Today, there are some incredibly powerful laptops that free you to play from just about anywhere, and that's not even including modern PC handhelds. A great example of this is the Gigabyte G6X 9KG gaming laptop which has a GeForce RTX 4060 and supports full ray tracing and Nvidia DLSS. It has enough power to run Black Myth: Wokung without issues and allow me to reiterate, that's possible on a laptop. Pretty impressive.

The best part, however, is that it won't drain your money. The Gigabyte G6X 9KG gaming laptop is only $1,300, but it also offers 32GB of RAM and 1TB of SSD storage. Better yet, it has user-upgradeable options, as well, so it's flexible and customizable. Today's your lucky day. You have the chance to win this beast directly from Gigabyte. To enter, all you have to do is follow the tasks provided. To do that, or if you want to learn more about this particular Gigabyte gaming laptop, head below.
Learn more about the Gigabyte 16-inch G6X 9KG gaming laptop

Read more
This cheap 27-inch gaming monitor just got even cheaper
Samsung Odyssey G3 gaming monitor on desk with keyboard and headset.

You don't need to spend several hundreds of dollars on monitor deals to get a decent display for your PC gaming setup, as there are cheap but reliable options like the 27-inch Samsung Odyssey G3 gaming monitor. It's already pretty affordable at its original price of $230, but a $50 discount from Samsung brings it down further to only $180. We're not sure how much time is remaining before you lose your chance at these savings, so we highly recommend completing your purchase for this gaming monitor as soon as you can.

Why you should buy the 27-inch Samsung Odyssey G3 gaming monitor
Gamers who want an affordable gaming monitor should look no further than the 27-inch Samsung Odyssey G3. Coming from a line that takes up multiple spots in our list of the best gaming monitors, this entry-level model still provides an excellent experience with its Full HD resolution for sharp details, and a 180Hz refresh rate that beats the recommended range of our computer monitor buying guide for smooth movements. It also offers a 1ms response time for minimal blur and the possibility for quicker reactions on your part.

Read more
Best Squarespace deals: Save on domains, web builder, and more
A laptop with Squarespace displayed on the screen.

With websites becoming so common these days, you may want to set up one for yourself, and Squarespace is a great option for that. In fact, if you're not very tech savvy, then you'll be surprised at how easy it is to build a website with Squarespace, especially with it's advanced website builder. That means that you can have a site up and running in almost no time, not to mention that you also get a few great perks along with your subscription, and with up to 36% off for non-student plans, it's a really great way to get started.

Besides just website building, there are a ton of perks of subscription, from hosting to email campaigns and even Squarespace Courses, which is pretty unique for a website-building website. So, if that sounds like something you'd like to be a part of, we've listed all the ways you can save on Squarespace subscriptions below.
Today’s best Squarespace deals

Read more