FYI...
US Treasury websites compromised -
http://community.websense.com/blogs/securitylabs/archive/2010/05/04/treasury-websites-compromised.aspx4 May 2010 - "A few of the US Treasury websites were compromised today and
loaded a hidden iframe containing exploit code to anyone who visited the following three sites:
* bep .gov
* bep.treas .gov
* moneyfactory .gov ...
This
iframe loads a page from gr[REMOVED]ad .com (
hosted in Turkey) which in turn redirects to si[REMOVED]e-g .com/jobs/ (
hosted in The Netherlands) which is
where the exploits are hosted. In this case it's the Eleonore Exploit Kit that is used which has support for several vulnerabilities in Adobe Reader, Flash, Internet Explorer etc...
the exploit kit pushes a malicious PDF to the user which exploits a vulnerability in Adobe Reader. At the time of writing only 20% of all AV vendors detected that file*..."
(Screenshots and video available at the Websense URL above.)*
http://www.virustotal.com/analisis/9a274b7d8f7eeadf33b98ebcc9b4c1493e3c3252c7be72b71e8cc08ca1601e63-1272930681File
mal.pdf received on 2010.05.03 23:51:21 (UTC)
Result:
8/40 (20.00%)U.S. Treasury Site Compromise linked to NetworkSolutions Mass WordPress Blogs Compromise
-
http://ddanchev.blogspot.com/2010/05/us-treasury-site-compromise-linked-to.htmlMay 04, 2010
-
http://thompson.blog.avg.com/2010/05/treasury-website-hacked.htmlMay 03, 2010
-
http://pandalabs.pandasecurity.com/usa-treasury-website-hacked-using-exploit-kit/05/4/10
-
http://boards.cexx.org/index.php?topic=18708.msg80824#msg80824May 5, 2010 
Topic: US Treasury sites compromised