The Web site of The Mail & Guardian, a leading news outlet in South Africa, was off line on Wednesday after what the paper claims were “sustained attacks” by hackers, reportedly based in Russia. The paper pulled down its Web site, which had begun hosting malicious content and posted a message saying that it was “dealing with the problem,” but needed to take its site down to protect readers in the meantime. “We apologise for this interruption of service. We’ll be back as soon as we have made certain that the problem has been effectively dealt with,” read the message, attributed to Chris Roper, the Mail & Guardian’s online editor.
Roper did not immediately respond to a request for comment from Threatpost.
In a series of posts to his Twitter account, Mail & Guardian editor Nic Dawes said the attacks against the paper originated in Russia, and that the paper’s Web site was being used to push “scams, malware, etc.”, necessitating the take down.
Organized crime groups have turned their attentions to compromising legitimate Web sites, as security firms have improved their ability to identify and track malicious domains. According to data from Web security firm Websense, more than three quarters of Web sites hosting malware in the last two years were legitimate Web sites, not attack sites set up by cyber criminals. Many of those sites continue to evade detection by firms like Google, which recently reported that malicious links are still turning up among the top results in common searches, despite technology to flag malicious Web sites.