Many Thousands of WordPress Websites Hacked to Redirect Visitors to Scam Websites


Cybersecurity researchers have disclosed a huge campaign that injects malicious JavaScript code into hacked WordPress websites, redirecting visitors to scam pages and other malicious websites in order to generate fraudulent traffic.

The campaign, which is a continuation of a previous wave discovered last month, is thought to have affected 322 websites as of May 9. In contrast, the April wave of attacks compromised almost 6,500 websites.

“It has been discovered that attackers are exploiting several vulnerabilities in WordPress plugins and themes in order to breach the website and insert malicious code,” Sucuri malware specialist Krasimir Konov stated.

“The websites all had a common issue – malicious JavaScript had been injected inside their website’s files and the database, including valid core WordPress files,” Konov stated in a study released Wednesday.

This entailed infecting files like jquery.min.js and jquery-migrate.min.js with obfuscated JavaScript that runs on every page view and allows the attacker to redirect website users to a destination of their choice.

According to the GoDaddy-owned website security organization, the domains at the end of the redirect chain might be used to load ads, phishing sites, or malware.

In certain cases, unsuspecting visitors are sent to a rogue redirect landing page with a bogus CAPTCHA check, after which they are served intrusive adverts disguised to appear to come from the operating system rather than a web browser.
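One way a site owner can check for the file tampering described above, as an added example that is not from the Sucuri report: it compares the two jQuery files named in the article against hashes taken from a known-clean copy of the same WordPress release. The `wp-includes/js/jquery/` paths, the function names and the temporary sample tree are assumptions made for the demonstration, and the check covers files only, not the database injections the report also mentions.

```python
import hashlib
import tempfile
from pathlib import Path

# Files named in the article, relative to the WordPress root (paths assumed).
WATCHED = [
    "wp-includes/js/jquery/jquery.min.js",
    "wp-includes/js/jquery/jquery-migrate.min.js",
]

def sha256_file(path):
    """Hash a file in chunks so large bundles do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(clean_root, rel_paths):
    """Record hashes from a known-clean copy of the same WordPress release."""
    return {rel: sha256_file(Path(clean_root) / rel) for rel in rel_paths}

def audit(live_root, baseline):
    """Return {relative_path: 'missing' | 'modified'} for files that differ."""
    findings = {}
    for rel, expected in baseline.items():
        target = Path(live_root) / rel
        if not target.is_file():
            findings[rel] = "missing"
        elif sha256_file(target) != expected:
            findings[rel] = "modified"
    return findings

def demo():
    """Constructed sample: a clean tree and a live tree with one altered file."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        for root in (clean, live):
            for rel in WATCHED:
                p = root / rel
                p.parent.mkdir(parents=True, exist_ok=True)
                p.write_bytes(b"/* constructed stand-in for " + rel.encode() + b" */\n")
        # Simulate tampering by appending unexpected bytes to one core file.
        with open(live / WATCHED[0], "ab") as fh:
            fh.write(b"/* constructed marker: unexpected appended content */\n")
        return audit(live, build_baseline(clean, WATCHED))

if __name__ == "__main__":
    for rel, status in demo().items():
        print(f"{status.upper():9} {rel}")
```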


