The Evil Corp gang hacked into dozens of US newspaper websites owned by the same company to infect the employees of over 30 major US private firms using fake software update alerts displayed by the malicious SocGholish JavaScript-based framework.
The employees' computers were used as a stepping point into their companies' enterprise networks as part of what looks like a series of targeted drive-by attacks.
Symantec confirmed that "dozens of U.S. newspaper websites owned by the same parent company have been compromised by SocGholish injected code."
Some of the organizations targeted by WastedLocker could have been compromised when an employee browsed the news on one of its websites," Symantec says.
Researchers with Symantec's Threat Intelligence team who discovered these attacks say that the company who owns the compromised news sites was alerted and the malicious code was removed.
Full article on https://www.bleepingcomputer.com/news/security/dozens-of-us-news-sites-hacked-in-wastedlocker-ransomware-attacks/
#ransomware #wastedlocker #symantec #evil