The Cybersecurity Daily News

Several WordPress websites were attacked; visitors were redirected to malicious websites

Cybersecurity researchers have revealed a campaign that injects malicious JavaScript code into compromised WordPress websites. The affected websites redirect visitors to fake pages and other infected websites to generate illegitimate traffic.

“The websites all shared a common issue — malicious JavaScript had been injected within their website’s files and the database, including legitimate core WordPress files,” Krasimir Konov, a malware analyst at Sucuri, said in a report published Wednesday.

The attack involved infecting files such as jquery.min.js and jquery-migrate.min.js with malicious JavaScript that runs on every page load, allowing the attacker to redirect website visitors to a destination of the attacker's choosing.
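A defender's check for the file tampering described above, as an added example that is not from Sucuri's report or this article: it compares the two named jQuery files against a known-good MD5 manifest and reports any that differ. The `wp-includes/js/jquery/` paths assume a standard WordPress layout, the manifest shape (relative path mapped to MD5) is an assumption modeled on WordPress core checksum listings, and the demo tree is constructed.

```python
import hashlib
import tempfile
from pathlib import Path

# Files named in the report; paths assume a standard WordPress layout.
WATCHED = [
    "wp-includes/js/jquery/jquery.min.js",
    "wp-includes/js/jquery/jquery-migrate.min.js",
]

def md5_of(path):
    # MD5 is used only to match the manifest format, not as a security primitive.
    return hashlib.md5(path.read_bytes()).hexdigest()

def verify_core_files(wp_root, manifest, watched=WATCHED):
    """Return {relative_path: status}; status is ok, modified, missing or unlisted."""
    results = {}
    for rel in watched:
        target = Path(wp_root) / rel
        expected = manifest.get(rel)
        if expected is None:
            results[rel] = "unlisted"   # no known-good hash to compare against
        elif not target.is_file():
            results[rel] = "missing"
        elif md5_of(target) != expected:
            results[rel] = "modified"   # content differs from the known-good copy
        else:
            results[rel] = "ok"
    return results

def build_demo_site(root):
    """Constructed sample: a tiny stand-in WordPress tree with one altered file."""
    clean = {rel: f"/* constructed stand-in for {rel} */\n".encode() for rel in WATCHED}
    manifest = {rel: hashlib.md5(data).hexdigest() for rel, data in clean.items()}
    for rel, data in clean.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    # Simulate tampering by appending bytes to one core file after hashing.
    altered = Path(root) / WATCHED[0]
    altered.write_bytes(clean[WATCHED[0]] + b"/* constructed appended code */\n")
    return manifest

def demo():
    with tempfile.TemporaryDirectory() as root:
        return verify_core_files(root, build_demo_site(root))

if __name__ == "__main__":
    for rel, status in demo().items():
        print(f"{status:9} {rel}")
```

A file-hash comparison covers only files on disk; the report also mentions injection into the database, which this check does not examine.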

The GoDaddy-owned website security company said that the domains at the end of the redirect chain could be used to load advertisements, phishing pages, malware, or even trigger another set of redirects.

In some cases, unsuspecting users end up at a rogue landing page with a fake CAPTCHA check, which serves unwanted ads disguised to look as if they come from the operating system and not from a web browser.

The campaign, which continues a previous campaign detected last month, has affected 322 websites so far, starting May 9. The April set of attacks, on the other hand, has breached over 6,500 websites.

“It has been found that attackers are targeting multiple vulnerabilities in WordPress plugins and themes to compromise the website and inject their malicious scripts,” Konov said.

Reference:

https://thehackernews.com/2022/05/thousands-of-wordpress-sites-hacked-to.html