Metro US news site suffers malware scare

Data Jimmy Nicholls

14:09, July 23 2014


Could the site be another victim of malicious code injection?

Metro International's US website has been hacked to serve malicious code to users, according to security firm Websense.

The news site, which is not linked to the British newspaper of the same name, is thought to have been injected with code that redirects users to a malware download, a contention Metro is said to be investigating.

Carl Leonard, senior manager of security research at Websense, said: "The rising prevalence of cybercriminals targeting news and media sites highlights that businesses cannot afford to continue to put web security on the back burner - ignorance absolutely is not bliss when it comes to cybersecurity."

A RIG exploit kit is said to be used to drop the virus, a tool that emerged this April and has previously been connected with Cryptowall ransomware.

In the last two months the United States accounted for a third of countries affected by the kit, with Canada, Australia and the UK accounting for 6% each, according to Websense.

"A compromised website courtesy of malicious actors, as is the case with Metro US, is a disaster in every organisation's book," Leonard added.

"It is therefore vital that businesses formulate a tried and trusted disaster recovery plan."

Metro has yet to reply to requests for comment.

Source: Company Press Release

get a cbr Cyber Security weekly update

Terms & Conditions & Privacy Policy.


Post a comment

Comments may be moderated for spam, obscenities or defamation.