The Louisiana Department of Education (DOE) had a subdomain hacked yesterday. A researcher discovered the compromise and posted about it on Twitter on September 10th at 4:58 PM. The researcher received an email from the Louisiana government's EDGAR System with a link to the malicious page.
The malware on the page is served up by PowerShell and is believed to be Cobalt Strike. Immediately on hearing this, our CEO alerted some other government contractors, since we do security work for the government but do not have any contacts in Louisiana.
This ended with a well-known researcher telling the researcher to contact US-CERT. As of 11 hours ago, the malicious page was no longer accessible; hopefully it is down for repair.
Unfortunately, this is not the first time this month that we have reported on United States education systems being hacked.
While the point of exploitation is unknown, EDGAR is known to be exploited often and has come under scrutiny from Congress because exploitation of the system went undisclosed for far too long.
We will continue to keep you up to date on the Louisiana government DOE hack, as events are still developing.