Hackers hacked more than 300 Wordpress sites to deploy clickbaits. Based on the survey made by cybersecurity professionals, a massive campaign was responsible for the intrusion of Javascript codes into vulnerable WordPress sites to swindle users’ intelligence. Hackers generate sensitive data from users by redirecting them to malicious websites.
Why Wordpress?
A report published on Wednesday by Sucuri, a malware analyst, found that since most websites share common issues, injecting malicious javascript within their website, including data and important WordPress files, may not be easily detected, especially for sites that have less security compliance regulations.
The occurrence of this attack has resulted in infecting files such as jquery.min.js and jquery-migrate.min.js with obfuscated JavaScript that’s activated on every page load allowing visitors to be redirected to another source of the hacker’s choice.
A GoDaddy-owned website disclosed that the domains at the end of the redirect chain contained malicious codes used for unauthorized cookies, advertisements, and phishing pages. This is the intelligence of a hacker to strategies with the visitor’s concept in acquiring information that will ascertain infrastructure, funding, and data breach
Most of these disguised CAPTCHA checks are imposed upon the users to be clicked before they can have access to the website, this redirected landing page when clicked can penetrate the operating system to get full administrative use and control.
Thus hackers can use this as a medium for ransomware, deploying worms, and trojans by logging the user out of the system. An upsurge of the campaign detected last month was believed to have impacted 322 websites so far, starting May 9. The April set of attacks, on the other hand, has breached over 6,500 websites.
Konov said hackers’ main target is vulnerable WordPress sites to gain full access and inject javascript codes to deploy their malicious acts. While the number of compromised websites is minimal, there may be an increase if the vulnerability is not patched.
