Skip to main content

The Independent's blog site is serving ransomware

If you're a regular visitor of The Independent, you might want to skip that one for a few days. Researchers from the security firm Trend Micro have reported that the site's blog was hacked and is currently serving ransomware to its visitors.

At the moment of writing, the blog was still compromised.

According to Trend Micro (opens in new tab), The Independent, one of the bigger media sites in the UK, is serving TeslaCrypt, a ransomware trojan known for targeting computer games, most notably Call of Duty, World of Warcraft, Minecraft and World of Tanks, and encrypting its game files. The victim is then prompted with a ransom of $500 worth of bitcoins in order to obtain the key to decrypt the files.

It is important to note that the entire site is not infected – just the blog section, which is built upon WordPress, the world's most popular blogging platform.

"I stumbled upon this while monitoring the activity of Angler Exploit Kit,” the Trend Micro report reads. “Based on my investigation, since at least November 21, the compromised blog page redirected users to pages hosting the said exploit kit. If a user does not have an updated Adobe Flash Player, the vulnerable system will download the Cryptesla 2.2.0 ransomware (detected by Trend Micro as RANSOM_CRYPTESLA.YYSIX).”

The malware then changes the extension of encrypted files to “.vvv”.

This is not the first time The Independent’s blog site was a target. Last month it was reported that the blog was serving Trojans which would allow hackers to take full control of a targeted system.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.