Friday, June 2, 2023

WordPress malware impacts more than 14,000 users - Tech Monitor

Last updated Wednesday, February 15, 2023 08:05 ET , Source: NewsService

More than 14,000 WordPress users have seen their systems infected with malware that places fraudulent adverts on their sites, redirecting victims to fake question and answer pages. The malicious redirects appear to be designed to improve the search engine optimisation (SEO) of the attackers sites, so that they are more prominent on Google.

Victims are redirected to sites that contain huge amounts of infected files, according to a new report released by cybersecurity company Securi. It found 20,000 infected files across 2,500 sites during the months of September and October alone.

Malvertising campaign infects 15,000 sites

It is unclear how the malware is injected into the WordPress systems, but once activated it works by exploiting URL shortening websites like bit.ly which feature in the Google Ad-sense adverts served up on many sites. The truncated URL will redirect to the wrong place, in this case to a bogus Q&A site.

Once the malware has been clicked on it then hijacks the new site and takes advantage of the resources within it, like website traffic and rankings. “Attackers are often found promoting spam for pharma, easy writing services, knockoff products or, in this case, fake Q&A sites,” states the report.

The promotion of fake Q&A websites, examples of which are relics of the internet such as search portal Ask Jeeves and Quora, are what sets this campaign apart from the rest.

By redirecting to these fake sites, the attackers appear to be trying to build...

Read Full Story: https://news.google.com/rss/articles/CBMiTmh0dHBzOi8vdGVjaG1vbml0b3IuYWkvdGVjaG5vbG9neS9jeWJlcnNlY3VyaXR5L3dvcmRwcmVzcy1tYWx3YXJlLW1hbHZlcnRpc2luZ9IBAA?oc=5

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.