1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Thousands of WordPress sites have been infected by a mystery malw

    From TechnologyDaily@1337:1/100 to All on Tue Feb 14 17:45:04 2023
    Thousands of WordPress sites have been infected by a mystery malware

    Date:
    Tue, 14 Feb 2023 17:29:24 +0000

    Description:
    Malware redirects WordPress traffic to a different site housing malicious Google ads.

    FULL STORY ======================================================================

    Thousands of WordPress websites were infected with an unknown malware
    variant, cybersecurity researchers from Sucuri have found.

    The malware would redirect the visitors to a different website, where ads hosted on the Google Ads platform would load, bringing in profits for the websites owners.

    The Sucuri team found an unknown threat actor managed to compromise almost 11,000 WordPress-powered websites. Redirected

    WordPress is the worlds most popular web hosting platform, and is generally perceived as secure. However, it also offers countless WordPress plugins , some of which carry high-severity vulnerabilities.

    While the researchers could not pinpoint the exact vulnerability used to deliver this malware, theyre speculating that the threat actors automated the process and probably leveraged whatever known, unpatched flaws they could find.

    The malwares modus operandi is simple - when people visit the infected websites, they would get redirected to a different Q&A website which loaded ads located on Google Ads. That way, Google would essentially get tricked
    into paying the ad campaign owners for the views, unaware that the views are actually fraudulent. Read more

    Thousands of websites hijacked for posioned Google SEO campaign


    Thousands of WordPress sites hacked in scam campaign


    These are the best firewall software around

    Sucuri has been tracking similar campaigns for months now. In late November last year, the researchers spotted a similar campaign that infected roughly 15,000 WordPress sites. The difference between these two campaigns is that in last years one - the attackers didnt bother hiding the malware. In fact, they did the exact opposite, installing more than 100 malicious files per website,

    In the new campaign, however, the attackers went to great lengths to try and hide the existence of the malware, the researchers said. They also made the malware somewhat more resilient to counter-measures, remaining persistent on the sites for longer periods of time.

    To protect against such attacks, the researchers said, its best to keep the website and all of the plugins up to date, and keep the wp-admin panel secure with a strong password and multi-factor authentication. Those that have already been infected can follow Sucuris how-to guide, should change all access point passwords, and place the website behind a firewall. Here's our rundown of the best website builders right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/thousands-of-wordpress-sites-have-been-infected -by-a-mystery-malware


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)