WordPress sites hacked with malware-laden fake Cloudflare DDoS alerts
Date:
Tue, 23 Aug 2022 11:53:17 +0000
Description:
Hackers are preying on people that don't understand how DDoS protection works.
FULL STORY ======================================================================
Hackers are using a familiar distributed denial of service (DDoS) protection page to trick people into downloading malware, researchers are saying.
According to cybersecurity firm Sucuri, an unknown threat actor has been modifying poorly secured WordPress sites and adding a fake Cloudflare DDoS protection landing page.
A DDoS attack works by sending large amounts of internet traffic to a website, overwhelming it and preventing actual users from accessing it. But DDoS protection pages don't usually require users to download anything.
DDOS GUARD
The landing page discovered by researchers tells the visitor to download an application called DDOS GUARD, which will supposedly provide them with a code to enter into the site.
However, the application would in fact download the NetSupport RAT, once a legitimate program for troubleshooting and tech support, since hijacked by cybercriminals and turned into a remote access trojan.
Furthermore, the RAT also downloads an infostealer malware called Raccoon Stealer. This malware steals passwords and cookies, as well as any payment data stored in the browser, including cryptocurrency wallet credentials. It can also steal other types of data and take screenshots.
As a result, the visitors would hand cybercriminals full access to their computer, and plenty of sensitive data.
To defend against the campaign, BleepingComputer says, IT teams should check the theme files of their WordPress sites, as that's the most common infection point. Internet users, on the other hand, need to enable strict script blocking in their browser, even if it means losing most website functionality.
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/wordpress-sites-hacked-with-malware-laden-fake-cloudflare-ddos-alerts/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)