After A Supply Chain Attack, Hundreds Of Online News Sites In the US Are Spreading Malware Around

Proofpoint, a cyber security company, shared its insights about the malware different news sites are getting after they have fallen victim to a supply chain attack. This supply chain attack is spreading around a malware called SocGholish which is already attacking different news outlets. This malware is also known as FakeUpdated Malware because it incorporates itself into the software by disguising itself as a real update. Cyber security companies are suspecting that this malware was introduced by the Russian cybercrime group. Proofpoint however doesn't like to think so. The Russian group, known as the cybercrime group Evil Corp, doesn't pose the threat TA569.

According to Proofpoint, TA569 is a type of supply chain threat that harms the content management servers and redirects all the site traffic to social engineering kits. The SocGholish then fools the users into updating their browsers. The users do not pay much attention to the JavaScript because the malware is disguised as an actual update, and that's why it launches into the site. This malware started from a media company under which many news outlets are.

Many News Outlets in Chicago, Miami, New York, Boston, Washington, etc have been affected by this threat. According to the rough calculations, more than 250 news sites have already downloaded this new JavaScript and now they are using a malware-infested system.

Many cyber security companies are working to stop this malware from spreading around. If more websites use that JS with malware, it will pose more threats to people who use and have access to the sites. For now, what the sites can do is read their new JS updates carefully and try to detect the hidden Malware. For an ordinary person, it is hard to detect it but until cyber security does something, people have to help themselves.

Read next: Microsoft Windows 11 Adoption Rate Surpasses Windows 7 But Remains Stagnant at 15%
Previous Post Next Post