Compromised websites remain one of the surefire ways to redirect innocent visitors to exploit kits. During the past few days we’ve started seeing an unusual route to the infamous Angler EK, notorious for leveraging hacked WordPress and Joomla CMSs.
This wasn’t via the common EITest or Darkleech paths nor was it a direct injection of the landing URL inside the compromised site’s source code.
Leave a reply
