Connect with us

Malware

Major US Newspapers Disrupted After Malware Attack

Malware Vulnerability

Prometei Botnet Infects Systems with Latest Version, Warns Cybersecurity Experts

Hacker News Malware

Emotet Malware Makes a Comeback with Fresh Attacks After Three Months of Silence

Malware

Bug Drop, Malware That Can Bypass Android 13 Sideload Security

Malware

Cobalt Strike Could Strike Windows Defender Secured Enterprises

Malware

The Great Suspender Suspended

Malware

Malware Incidents Have Risen Thanks to Attacks on Remote Workers

Hacker News Malware

Ransomware Holds Users Privates Hostage

Hacker News Malware

ElectroRAT Steals from Crypto-Wallets

Malware

Golang Worm Turns Hacked Systems into Monero Miners

Malware

Major US Newspapers Disrupted After Malware Attack

Published

4 years ago

on

Major US Newspapers Disrupted After Malware Attack

Tribune Publishing Co. an American newspaper print and online publishing company located out of Chicago, Illinois, has been targeted in a malware attack. Tribune Publishing is America’s third largest newspaper publisher and has some notable press companies in its client base, including the Chicago Tribune, and the New York Daily News.

The malware virus infected Tribune Publishing’s computer systems, and caused disruption including missing pages, it prevented certain editions being printed and in some cases caused the entire newspaper to not be printed. These systems are shared with other major newspapers and so affected their printing as well. Those affected include the New York Times, and the Southern California editions of the Wall Street Journal, among others.

The cyber attack is thought to have begun on Thursday 27th December, and one day later on the 28th, had spread to the critical systems involved in printing the newspapers. According to anonymous sources close to the issue, it appears the attack stems from Ryuk Ransomware, however further details about the attack have not been officially released.

What is Ryuk Ransomware?

Ryuk Ransomware is a somewhat unusual or atypical form of ransomware in terms of its methods. Typically ransomware works by a mass emailing or spamming campaign, with the goal of reaching as many people as possible and as such generating as much profit as possible for the attackers. With traditional ransomware, the code or software element of the attack in which the victim’s system is infected is not usually targeted, but rather designed with the aim that it will work on most users computers. Ransom notes in poor or non-native level English are also common.

This is not the case for Ryuk Ransomware, the software is highly targeted and tailored, designed to only affect specific systems and requires a high degree of manual input from the attackers. It is also common to see well worded and long messages accompanying Ryuk Ransomware attacks. The sophisticated of Ryuk has led to speculation that it is connected to the Lazarus Group.

Related Topics:

Experienced British technology journalist and online reporter

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *