A blog page on a UK-based newspaper The Independent’s website has been shelling out ransomware to people who visit it. The hack is a combination of maladvertising and TelaCrypt ransomware, according to initial reporting by Trend Micro, The Inquirer reports.
It is not often that a newspaper itself finds its way into the daily news. When that happens, it usually spells trouble.The Independent, the famous UK newspaper, was in the news for the wrong reasons. A blog page on their website has apparently been hacked.
The result of this hack is users being redirected to a ransomware hosting link and given the readers access to the ransomware. Reports indicate that the UK newspaper’s website has been affected by maladvertising as well as the TeslaCrypt ransomware. The key factors that make users vulnerable to this threat are if they are using WordPress or if they are using an out-of-date Flash software.
The report goes on to claim that the hack could affect the wide reader base of the newspaper as readers who access the infected blog would be victimized by the ransomware.
The area of effect of the hack is limited to the part of the website that uses WordPress, which is the blog part, as other parts of the website can be accessed without running the risk of being infected by the ransomware. Attempts have been made to contact The Independent of the same, but most of those attempts have met with a dead end.
The Independent, in turn, made a statement to BBC saying that an advert hosted on their blogsite could have included the malware, but there has not been any indication that a user has been affected by it till now. They have, however, taken down advertising on some pages as a part of a clean-up operation.
Trend Micro reports that the hack has been in effect since at least November 21 and was running with full ferocity until as recently as Tuesday, December 8. They said that the newspaper website has been actively redirecting users who try to access the infected part of the website to the main site.
They revealed that a user’s system will download the ransomware Cryptesla 2.2.0 if his or her machine does not have an updated Adobe Flash Player.