2025-01-31 06:27:50 Pacfic
10000 WordPress Sites Delivering Malware - 9h
A massive cyberattack has compromised over 10,000 WordPress websites, using them to distribute malware to both macOS and Windows users. The attackers exploited vulnerabilities in outdated WordPress versions and plugins, injecting malicious JavaScript code into the sites. This code redirects visitors to fake browser update pages, which then trick users into downloading malicious software. The campaign represents a significant escalation in threat sophistication, with the malware being delivered through client-side attacks via iframes. The malicious JavaScript dynamically injects the fake update pages, and also uses DNS prefetching to enhance the speed of loading these malicious domains.
The malware distributed includes AMOS (Atomic macOS Stealer), which targets macOS users by stealing sensitive data such as passwords and cryptocurrency wallet information. Windows users are targeted by SocGholish, a malware strain that acts as a downloader for additional malicious payloads. This coordinated approach on two operating systems suggests a sophisticated attack group or collaboration. Security experts warn that this is one of the first known cases of these specific malware strains being delivered through client-side attacks, and are urging website administrators to immediately update their WordPress installations and plugins, remove unused components, and review server logs for signs of compromise.
ImgSrc: blogger.googleusercontent.com
References:
- cyberpress.org - Hackers Compromised 10,000 WordPress Websites to Drop macOS and Microsoft Malware - 13h
- gbhackers.com - 10,000 WordPress Websites Hacked to Distributing MacOS and Microsoft Malware - 13h
- cside.dev - 10,000 WordPress Websites Found Delivering MacOS and Microsoft Malware - 10h
- cybersecuritynews.com - Hackers Use 10,000 WordPress Sites To Deliver Malware To macOS and Microsoft Systems - 10h
Classification:
- HashTags: WordPress Malware CrossPlatform
- Company: WordPress
- Target: WordPress Users
- Product: WordPress
- Feature: Malware Distribution
- Type: Malware
- Severity: Major