Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  Hundreds of US news sites hacked to send out malware
PostedinPrivacy and Security Posted on November 7, 2022

Hundreds of US news sites hacked to send out malware

Posted By Shannon.Smith

American news outlets hijacked to deliver SocGholish malware

Hundreds of news websites across the US have been compromised to deliver malware to their readers, researchers are saying. 

Experts from Proofpoint discovered a malware (opens in new tab) distribution campaign that targeted an unnamed media company in the US which owns hundreds of websites belonging to various newspapers. 

Allegedly, some of the sites are national, others are from New York, Boston, Chicago, Miami, Washington, D.C., and others. 

Fake browser updates

Overall, more than 250 websites owned by the company were hijacked to deliver the SocGholish JavaScript malware framework. These sites deliver their content to the readers via a benign JavaScript code. That code was hijacked to deliver what’s known as “initial access threat”, which pushes drive-by-downloads pretending to be software updates.

In other words, website visitors would be prompted to download fake browser updates delivered as ZIP archives.

“The media company in question is a firm that provides both video content and advertising to major news outlets. [It] serves many different companies in different markets across the United States,” Sherrod DeGrippo, VP of threat research and detection at Proofpoint, told BleepingComputer.

“Proofpoint Threat Research has observed intermittent injections on a media company that serves many major news outlets. This media company serves content via Javascript to its partners,” Proofpoint said in a Twitter post. 

“By modifying the codebase of this otherwise benign JS, it is now used to deploy SocGholish.”

Proofpoint also said that SocGholish can be used to launch stage-two attacks, which could include ransomware infections, as well. It seems to be speaking from experience here, as Evil Corp, an infamous Russia-based threat actor, is known for using SocGholish in similar campaigns. It once even tried to deploy its WastedLocker ransomware, but was thwarted by Symantec. 

In this particular situation, it seems that the attack is the work of a group tracked as TA569.

“The situation needs to be closely monitored, as Proofpoint has observed TA569 reinfect the same assets just days after remediation,” the researchers warned. 

Source: TechRadar.com, by Sead Fadilpašić
Featured Image Credit: Shutterstock.com

Share on Facebook Share on Twitter
Previous Article
Xiaomi unveils concept phone with interchangeable camera lenses: Hardware chaos or pure genius?
Next Article
Google One Premium Subscribers Now Get VPN Protection on Windows, Mac

About Author

Shannon.Smith

Related Posts

  • Ransomware access broker steals accounts via Microsoft Teams phishing

    September 13, 2023
  • Abnormal Security: Microsoft Tops List of Most-Impersonated Brands in Phishing Exploits

    September 7, 2023
  • FBI: Hackers Are Having a Field Day With Open-Source AI Programs

    August 10, 2023
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • The fastest OnePlus 8 5G variant is an exclusive with Verizon April 15, 2020 Reviews
  • Windows Platform Is Like Rubik's Cube January 5, 2009 Archive
  • Clearview AI is looking to expand globally, report says February 6, 2020 Emerging Technology & News
  • Big Tech coalition challenges Google and Apple’s monopoly on maps July 31, 2023 Business
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok