Skip to content

IRS-Authorized eFile.com Tax Return Software Caught Serving JS Malware

On December 20, 2021, it was reported that the eFile.com tax return software had been found to be serving malicious JavaScript (JS) code to its users. eFile.com is an IRS-authorized tax return software provider that allows users to file their taxes online.

The discovery was made by researcher ‘redteam’ who found that the malicious JS code was being served from a compromised server, rather than from eFile.com’s own servers. The code was designed to steal users’ login credentials and other sensitive information.

According to the report, the malware was active for a period of at least six days before it was discovered. It is not yet clear how many users may have been affected by the attack.

eFile.com has stated that they are investigating the incident and have taken steps to remove the malicious code from their servers. They have also urged users to change their passwords and monitor their accounts for any suspicious activity.

The incident highlights the importance of implementing robust security measures to protect against cyber attacks, even for companies that are authorized by government agencies such as the IRS. Users of eFile.com and other tax return software providers should remain vigilant and take steps to protect their personal and financial information.

This incident also serves as a reminder of the risks associated with third-party software and the importance of regularly monitoring and auditing the software used by an organization.

In conclusion, the discovery of malicious code being served by eFile.com tax return software is a concerning reminder of the persistent threat of cyber attacks and the importance of implementing robust security measures to protect against them. Users of eFile.com and other tax return software providers should remain vigilant and take steps to protect their personal and financial information. Additionally, organizations should regularly monitor and audit the software they use to ensure it remains secure and free of vulnerabilities.