According to a cybersecurity firm Sucuri, hackers have hacked over 2000 WordPress websites using a weakness in some installed plugins. As claimed by the Sucuri researchers, the whole idea was to redirect visitors of the affected WordPress websites to a scam website that contains giveaways, unwanted browser subscription notification, fake survey, and fake adobe flash downloads.
This establishes the length hackers can go to take advantage of the vulnerabilities of a website for their goals. This attack is new and it is expected that website owners take the necessary step to avoid being hacked.
Image Source: www.wpbluffs.com
To clearly understand how this campaign works, researchers from Bleepingcomputer carefully followed the direction as planned by the attackers. They were asked to subscribe to a browser notification before they could be able to proceed. This was after one of the affected websites redirected them to the spammy website set up by the hackers. After subscribing, they were led to another website full of tech support scams, fake surveys, and fake adobe flash player updates. From the analysis, it could be found that the campaign is a well-planned one and very serious than it seems.
The Sucuri researchers pointed out that hackers can inject malware like PHP backdoor or Hacktool to give them access to the affected WordPress websites regularly. The hackers change the home and the “siteurl” of the attacked sites to redirect the visitors to their created websites. This is a very common behavior of their campaign. In this note, It is important to be careful when you are redirected to another website when trying to access a site.
Image Source: www.bleepingcomputer.com
The Sucuri researchers also advise that the malware can be removed by cleaning the hacked database table. You can use your database admin panel to connect to the database. Remove any hidden backdoor and secure user account. It is important to have one admin user and set other user roles with limited privileges.
Source: Bleeping Computer
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation to the reliance on or usage of any content, goods or services mentioned in this article.