Hundreds of U.S. news sites push malware in supply-chain attack


 

visit now: https://cybersecurity-conferences.researchw.com/

Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S.

"The media company in question is a firm that provides both video content and advertising to major news outlets. [It] serves many different companies in different markets across the United States," Sherrod DeGrippo, VP of threat research and detection at Proofpoint, told BleepingComputer.

The threat actor behind this supply-chain attack (tracked by Proofpoint as TA569) has injected malicious code into a benign JavaScript file that gets loaded by the news outlets' websites.

This malicious JavaScript file is used to install SocGholish, which will infect those who visit the compromised websites with malware payloads camouflaged as fake browser updates delivered as ZIP archives (e.g., Chromе.Uрdatе.zip, Chrome.Updater.zip, Firefoх.Uрdatе.zip, Operа.Updаte.zip, Oper.Updte.zip) via fake update alerts.

"Proofpoint Threat Research has observed intermittent injections on a media company that serves many major news outlets. This media company serves content via Javascript to its partners," Proofpoint's Threat Insight team revealed today in a Twitter thread.

This malicious JavaScript file is used to install SocGholish, which will infect those who visit the compromised websites with malware payloads camouflaged as fake browser updates delivered as ZIP archives (e.g., Chromе.Uрdatе.zip, Chrome.Updater.zip, Firefoх.Uрdatе.zip, Operа.Updаte.zip, Oper.Updte.zip) via fake update alerts.

"Proofpoint Threat Research has observed intermittent injections on a media company that serves many major news outlets. This media company serves content via Javascript to its partners," Proofpoint's Threat Insight team revealed today in a Twitter thread.

"By modifying the codebase of this otherwise benign JS, it is now used to deploy SocGholish."

In total, the malware has been installed on sites belonging to more than 250 U.S. news outlets, some of them being major news organizations, according to security researchers at enterprise security firm Proofpoint.

While the total number of impacted news organizations is currently unknown, Proofpoint says it knows of affected media organizations (including national news outlets) from New York, Boston, Chicago, Miami, Washington, D.C., and more.

Top StoriesGoogle Analytics data transfer to U.S. brings $1 million fine to Swedish firmsREAD MORENew Python tool checks NPM packages for manifest confusion issuesMicrosoft denies data breach, theft of 30 million customer accountsHackers target European government entities in SmugX campaignMicrosoft Edge upgrades built-in Cloudflare VPN with 5GB of data300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bugGoogle Analytics data transfer to U.S. brings $1million fine to Swedish firms

Comments

Post a Comment

Popular posts from this blog

Cybersecurity and Cryptography

Image
  Cybersecurity conferences  organized by ScienceFather group. ScienceFather takes the privilege to invite speakers, participants, students, delegates, and exhibitors from across the globe to its International Conference on cybersecurity conferences to be held in the Various Beautiful cites of the world. Cybersecurity conferences are a discussion of common Inventions-related issues and additionally trade information, share proof, thoughts, and insight into advanced developments in the science inventions service system. New technology may create many materials and devices with a vast range of applications, such as in Science, medicine, electronics, biomaterials, energy production, and consumer products. The focal point of  Cybersecurity  is to bring forward discoveries, examine the system and strategic issues, assemble and keep forth basic strategies between analysts, professionals, arrangement producers, and agents of science Associations. Essential Cybersecurity conferences emphasize
Read more

Cyber-Physical Systems Security

Image
  . Cyber-Physical Systems Security (CPSS) refers to the protection of cyber-physical systems, which are integrated systems that combine computational elements (cyber) with physical components (physical) to interact with the physical world. These systems are commonly found in critical infrastructure, industrial control systems, smart cities, autonomous vehicles, healthcare devices, and many other domains The importance of CPSS arises from the fact that cyber-physical systems are highly interconnected and susceptible to various security threats. A successful attack on these systems can lead to severe consequences, including physical harm, disruption of essential services, and economic losses. Ensuring the security of CPSS is crucial to safeguarding public safety and maintaining the functionality of critical infrastructures. Key challenges and considerations in Cyber-Physical Systems Security include: Interconnectedness: CPSS often involves numerous interconnected devices and networks, w
Read more

Cyber Bullying on Cybersecurity

Image
  Cyberbullying is  bullying - unwanted, repeated, aggressive, negative behavior - that takes place over digital devices like cell phones, tablets, and computers . Cyberbullying can happen over email, through texting, on social media, while gaming, on instant messaging, and through photo sharing. Cyberbullying is   a type of bullying in which one or more individuals use digital technologies to intentionally and repeatedly cause harm to another person . Cyberbullying  involves the use of information and communication technologies that support deliberate, hostile, and often repeated behaviour by an individual or group that is intended to hurt others . Whereas low self-esteem is usually linked to traditional bullying, many cyberbullies demonstrate a high perception of self-esteem in perceiving their relationships with peers as satisfying. However,  feelings of loneliness and a perception of unsafety at school  were often linked to cyberbullying. (2019) had the most extensive classificatio
Read more