Attackers use media websites' supply chain to deliver malware
The effect is much like a supply chain attack: one single malicious change propagated instantaneously to legitimate websites and millions of unsuspecting visitors.
The good news is the malware itself requires user interaction and lack of security awareness, i.e. usually clicking on a fake browser update page to download and execute the final malware, which is either ransomware or a remote access trojan stealing sensitive data and passwords to other resources.
Nevertheless, that in itself stresses again the need for constant security awareness initiatives among company employees, as the human element and social engineering continues to drive breaches, with 82% of breaches involving either use of stolen credentials and phishing, according to a recent authoritative report.
Also, the malware campaign is again pointing to systemic vulnerabilities within digital supply chains, this time in media companies relying on 3rd parties to deliver content.