- Apr 21, 2016
- 3,451
Thousands of compromised websites running the WordPress Content Management System (CMS) are redirecting their users to tech support scam pages, as reported by Malwarebytes Labs' Jérôme Segura.
Not surprisingly, given the amount of website hacking incidents involving content managing systems such as Joomla, Drupal, and WordPress, Malwarebytes Labs detected a new wave of hacked sites, all running the WordPress CMS.
Even though the attack vector used to infiltrate the websites is still unknown, the researchers know that the bad actors use multiple ways of injecting malicious code with the goal of sending visitors to browser lock attack sites.
As Segura details, the attackers can add an encoded blurb of code within the hacked website's HTML headers tag, a JavaScript-based one line script which loads the full attack script or malicious code within the Word... (read more)
Read more: Thousands of WordPress Sites Send Visitors to Tech Support Scams
Last edited by a moderator: