‘Thousands of WordPress sites spread malware via VisitorTracker code’


Last week, thousands of WordPress sites were hijacked with the aim of spreading malware via visitorTracker_isMob code, security company Sucuri claims after an investigation. Visitors to the sites are redirected to a site hosting the Nuclear Exploit Kit.

According to Sucuri, the malware campaign started two weeks ago, but has seen a huge increase in the number of infections since Tuesday. It is not clear how the WordPress sites are infected; it is probably through vulnerable plugins, as is often the case.

Criminals add visitorTracker_isMob code to all JavaScript files on hijacked sites. A backdoor then forces site visitors’ browsers to load an iframe of a page containing the Nuclear Exploit Kit.

Sucuri claims to have found thousands of infected sites, 95 percent of which run WordPress, so sites running another CMS may also be vulnerable. The security company recommends that WordPress users update their plugins to the latest version. With a site check, administrators can check whether their site is infected.
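
A local check for the marker named above, as an added example that is not Sucuri's scanner or code from the article. It walks a web root and lists every JavaScript file containing `visitorTracker_isMob`; the sample tree and its file contents are constructed stand-ins, not the real injected code.

```python
import os
import sys
import tempfile

MARKER = b"visitorTracker_isMob"  # identifier named in the article

def scan_webroot(root):
    """Return (hits, total): hits is a sorted list of (relative path, line number)
    for .js files containing MARKER; total is the number of .js files seen."""
    hits, total = [], 0
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".js"):
                continue
            total += 1
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:  # bytes: minified files may not be valid UTF-8
                    data = fh.read()
            except OSError:
                continue  # unreadable file: counted in total, not reported as a hit
            pos = data.find(MARKER)
            if pos != -1:
                line_no = data.count(b"\n", 0, pos) + 1  # line of the first occurrence
                hits.append((os.path.relpath(path, root), line_no))
    return sorted(hits), total

def build_sample_site(root):
    """Write a small constructed tree: one clean script, two marked scripts, one text file."""
    files = {
        "wp-includes/js/clean.js": b"function ok(){return 1;}\n",
        "wp-content/themes/demo/app.js": b"var a=1;\n/* stand-in */ visitorTracker_isMob;\n",
        "wp-content/plugins/demo/x.min.js": b"\xff\xfevar b=2;visitorTracker_isMob;",
        "readme.txt": b"visitorTracker_isMob in a non-JS file is not scanned\n",
    }
    for rel, content in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)

if __name__ == "__main__":
    # Pass a web root as the first argument, or run with none to scan the sample tree.
    with tempfile.TemporaryDirectory() as tmp:
        root = sys.argv[1] if len(sys.argv) > 1 else tmp
        if root == tmp:
            build_sample_site(tmp)
        hits, total = scan_webroot(root)
        for rel, line in hits:
            print(f"MARKER FOUND {rel}:{line}")
        print(f"{len(hits)} of {total} JavaScript files contain the marker")
```

Because the campaign is described as touching all JavaScript files, a high ratio of marked to total files is a strong signal; a clean result only shows that this one marker is absent.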
