Menu
Instead of news, UK paper delivered ransomware

Instead of news, UK paper delivered ransomware

The Independent has now cleaned up the infection, Trend Micro said

A major UK newspaper is cleaning up its website after a criminals tried to deliver ransomware to thousands of its readers.

The attack affected the blogs section of The Independent newspaper's website, Joseph C. Chen, a fraud researcher with Trend Micro, said in a blog post Tuesday.

"We have already informed The Independent about this security incident and are working with them to contain the situation," Chen wrote. "For their part, the news website staff was quick to respond and take action to mitigate the risk this event posed to the website itself and its user base."

The Independent's blogs section runs on WordPress, a publishing platform that occasionally has software vulnerabilities in itself or in add-on components.

The cyberattackers were able to compromise pages, redirecting viewers to an exploit kit that probed their computer for vulnerabilities. Chen said he identified the exploit kit as Angler, a widely used one.

Angler then tried to exploit out-of-date Flash players. It specifically targeted a remote execution flaw patched by Adobe Systems in mid-October, CVE-2015-7645. An exploit for the flaw was the latest Trend has found added to Angler.

the independent angler exploit kit Trend Micro

Trend Micro shows a mashup of screenshots illustrating how the Angler exploit kit abused the blogs section of The Independent's website.

If the attack successfully compromised a user's machine, it delivered the Cryptesla 2.2.0 ransomware, a type of malware that encrypts a user's files and demands a payment for the key to decrypt them.

Websites that draw a lot of traffic are attractive to criminals since they allow them to infect a lot of computers in a short time. The Independent ranks 50th among websites in the U.K., according to Alexa.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments