he United States website of the Metro newspaper (metro.us), which serves an estimated 1 million visitors every month, has been compromised and abused to distribute a piece of malware, Websense reported on Tuesday.
According to the security firm, cybercriminals have injected a malicious iFrame into several pages on the website. When users visit one of these pages, they are silently redirected through a traffic distribution system (TDS) to a website that hosts the RIG exploit kit. The exploit kit attempts to find vulnerable software on the victim's computer, which it leverages in order to push a piece of malware.
Most of the victims of this campaign are located in the United States and Canada, which isn't surprising. However, researchers have pointed out that these are also the countries most impacted by cybercriminal operations leveraging the RIG exploit kit over the past two months.