WordPress Sites Injected with Malicious JavaScript

0
WordPress Sites Injected with Malicious JavaScript

Another Cyber attack has been discovered. A huge campaign has been reported by Cybersecurity researchers. The campaign is responsible for injecting malicious JavaScript code into vulnerable WordPress websites. This malicious JavaScript redirects visitors to fake websites or fraudulent websites that generate illegitimate traffic.

Based on the report of a security analyst from Sucuri Mr. Krasimir Konov, a frequent issue was observed by all websites. Their website’s database files and files, that include the legitimate primary WordPress files were affected by the malware JavaScript.

Files such as jquery.min.js and jquery-migrate.min.js with obfuscated JavaScript hat’s activated on every page load were infected. The infection would cause the attacker will redirect the user to any location that they choose.

The domains located at close to the chain due to the harmful JavaScript could easily be redirected the chain, and could use them to download ads or phishing websites, viruses or malware, or even begin the cycle of further redirects, a security company is owned by GoDaddy said. GoDaddy website warned.

Also Read: iPhone 15 to Switch From Lightning to USB-C in 2023

This latest wave of Cyber attack is an extension of attack that was first detected in the last month. Since the 9th of May, it appears that the Cyber attacks have affected approximately 322 websites. The April attack been a breach of more than 6,500 websites.

Because of the malicious JavaScript Sometimes, users are directed to website that is a fake CAPTCHA verification. The malicious and unwanted ads are disguised as CAPTCHA checks, so when the users click, the ads are receiving their clicks even though the user thinks it’s an authentication process that is controlled by the operating system.

The security analyst for malware Konov, a malware analyst. Konov further added that the attacks target the weak spots and weaknesses within WordPress. They attack the themes and plugins on the website , as well as the malicious scripts are injectable.

LEAVE A REPLY

Please enter your comment!
Please enter your name here