Administrators of WP and Joomla sites would do well to check for specific fake analytics code injected into their properties, as a ransomware delivery campaign taking advantage of vulnerable sites has been going strong for over a month now.
Sucuri researchers began warning about the “Realstatistics” malware campaign two weeks ago, and dated it back to June 6 (at least).
The name of the campaign was derived from the name of the domains used by the attackers to host the exploit kit: first realstatistics.info, then realstatistics.pro.
Leave a reply
