Skip to main content

Malware attack delays newspaper deliveries across the country

stock photo newspapers delivered at doorway

A malware attack resulted in the delay of newspaper deliveries from the Los Angeles Times and a number of other news outlets throughout the country during the weekend.

According to the Los Angeles Times, the attack was a computer virus that primarily affected many of the Tribune Publishing network’s newspapers, as well as papers like the Los Angeles Times that aren’t a part of the network but still use the same production platforms or software.

Recommended Videos

In addition to the Los Angeles Times, the papers affected by the malware attack included: The San Diego Union-Tribune and possibly every paper in the Tribune Publishing network which includes the Baltimore Sun, the Capital Gazette, the New York Daily News, and the Orlando Sentinel. Outside of the Tribune network, the deliveries of the West Coast editions of The Wall Street Journal and The New York Times were also impacted by the malware attack.

Please enable Javascript to view this content

The computer virus caused the newspaper delivery delay because it infected and disrupted the newspapers’ news production and printing process systems. The newspapers had difficulties in sending their pages to the printing presses. As a result, subscribers received their papers at varying times, if at all, from several hours late on Saturday to the next morning.

Besides the delay in newspaper deliveries, it appears that the malware attack only affected the publishing process and did not appear to deal with sensitive, personal data. In a statement, Tribune communications vice president Marisa Kollias addressed the possible data and privacy concerns related to the malware attack: “The personal data of our subscribers, online users, and advertising clients has not been compromised.”

An anonymous source told the Los Angeles Times that the origin of the attack may have been outside of the United States, but that claim wasn’t further supported with evidence.

We may know the type of malware involved, however. The Los Angeles Times reports that another source, also unable to comment publicly, said that the extensions of the corrupted files in the malware attack was .ryk.

If true, the .ryk file extension would indicate that the malware attack was a form of ransomware known as Ryuk. Ryuk attacks, like many ransomware attacks, are usually used to infect systems with the intent to block users from being able to access the system unless the user pays a ransom to remove the block.

Anita George
Anita George has been writing for Digital Trends' Computing section since 2018. So for almost six years, Anita has written…
This malware infects your motherboard and is almost impossible to remove
A digital encrypted lock with data multilayers.

Researchers have discovered malware that has been secretly infecting systems featuring Asus and Gigabyte motherboards for at least six years.

Since 2016, Chinese-speaking hackers have been infiltrating machines with the CosmicStrand malware, according to a report from Bleeping Computer.

Read more
This dangerous Mac malware can infiltrate your entire system
A depiction of a hacker breaking into a system via the use of code.

A newly uncovered malware designed to target Macs has been effective in obtaining access to systems and stealing sensitive data.

The discovery was detailed by internet security company ESET, which named the malware CloudMensis because of its reliance on cloud storage services.

Read more
Microsoft warns of latest malware attack, explains how to avoid secret backdoor
Privacy security stock photo.

Microsoft has recently discovered another type of malware, named FoggyWeb by Microsoft, that hackers are currently using to remotely steal network admin credentials. The credentials allow the attacker group, which the company has called Nobelium, to hack into admin accounts of the Active Directory Federation Services' (AD FS) servers and control users’ access to various resources.

Microsoft claims that this is the same group behind the SolarWinds software supply chain attack that was revealed in December.

Read more