Alerts
Oklahoma Tax Commission Site Compromised
Date:01.29.2010
Threat Type: Malicious Web Site / Malicious Code
Websense Security Labs™ ThreatSeeker™ Network has discovered that the home page of the Oklahoma Tax Commission Web site has been compromised with malicious script code. The heavily obfuscated code has been injected at the bottom of the page.
Here is what site visitors see when they visit the Oklahoma Tax Commission home page:.png)
After the page is loaded, the browser executes the injected script in the background.
Below is a screen shot of the injected code: 
The injected script code goes through a series of deobfuscation techniques that ultimately take the victim computer to an attack Web site without the victim's consent or knowledge.
At the time of this posting, the attack Web site is down, but it could come back up at anytime to carry out attacks against visitors to the Oklahoma Tax Commission home page.
Websense Messaging and Websense Web Security customers are protected against this attack.