A BLOG PAGE ON THE WEBSITE OF UK newspaper The Independent has been accused of giving readers access to ransomware.
Trend Micro brings the breakfast-ruining news, and says that the newspaper has a problem with malvertising and the TeslaCrypt ransomware terror. It seems that it is the use of WordPress – a thing we often hear has security issues – is at least part of the problem, as is out-of-date Flash software.
“The blog page of one of the leading media sites in the United Kingdom, The Independent has been compromised, which may put its millions [really?] of readers at risk of getting infected with ransomware,” it reports.
“We have already informed The Independent about this security incident. However, the site is still currently compromised and users are still at risk. It should be noted that only the blog part of the website – which uses WordPress – is impacted; the rest of The Independent’s online presence seem unaffected.”
We have attempted to get in contact with the paper, but this has proved harder that we expected, although we will keep trying. In a statement to the BBC, the newspaper’s management managed to reveal that it has dropped advertising on some pages as part of a clean-up operation.
“It appears that an advert appearing on that blogsite may have included malware,” said a spokesman. “There is no suggestion or evidence that any of our users have been affected by this.”
Trend Micro says that The Independent is routing people away from the potentially poisoned pages and redirecting them to the main site. It adds that the page was open and serving the malware as recently as Tuesday, and has been for a good few weeks.
“Based on my investigation, since at least November 21, the compromised blog page redirected users to pages hosting the said exploit kit,” explained Joseph C Chen, a fraud researcher with Trend Micro.
“If a user does not have an updated Adobe Flash Player, the vulnerable system will download the Cryptesla 2.2.0 ransomware”. µ