Coming at the worst time for taxpayers trying to meet the April 18th tax filing deadline, security researchers have confirmed that IRS authorized tax e-filing vendor has been infecting users with malware since at least March 17th.

Users on a Reddit forum first reported that they thought the website had been “hijacked” on March 17th. It turns out they were correct and researchers confirmed that an infected file called “popper.js” was being pushed out by all pages on the website. is not releasing much information regarding the attack, but an analysis as been written up by Johannes Ullrich at the SANS Institute.

Any users who believe they have been impacted by this event is encouraged to contact

If you are unsure about your cyber resiliency in today’s threat environment, partner with a cybersecurity expert like Rocky Mountain Cybersecurity. We have a wealth of experience and expertise in this area and can provide the support and guidance you need to ensure a secure and safe future for your business. Don’t go it alone – get in touch with us today and let us help you take the first steps towards a safer tomorrow.


Contact us today!  – 307-288-0222 – –


Elmer Robinson is an IT warrior and cybersecurity subject matter expert who has fought on the front lines of the cybersecurity wars providing business continuity as long as they have existed.. A CISSP since 2008 and a certified network engineer since 1993, Elmer has proven success in delivering comprehensive cybersecurity strategies to every type of industry.