Summary: A widespread malware campaign has been discovered targeting over 5,000 WordPress websites, creating unauthorized admin accounts and installing malicious plugins. The investigation is ongoing, with users advised to check for unauthorized accounts and remove suspicious plugins.
Threat Actor: Unknown | unknown
Victim: WordPress Websites | WordPress Websites
Key Point :
- Malicious scripts create unauthorized admin accounts with hardcoded credentials.
- Infected sites download and activate a malicious WordPress plugin that sends sensitive data to a remote server.
- Users are advised to block the malicious domain and audit their admin accounts.
- c/side can provide protection against such attacks by analyzing and blocking potentially malicious scripts.
Source: https://cside.dev/blog/over-5k-wordpress-sites-caught-in-wp3xyz-malware-attack
Views: 2