The Latest in IT Security Malware Campaign – More Details


We are getting lots of questions about the latest mass compromise targeting WordPress sites (redirecting to fake AV) that has affected over 30,000 domains.

The first question is how are these sites getting hacked? On all the cases we analysed, they either had outdated versions of WordPress, or of a plugin. We can safely rule out any new vulnerability on WordPress itself.

We also posted about it a week ago when we detected this malware campaign using domains.

As we promised in the previous post, this is an update to what we are seeing.

More Details

  • The malicious domains are still pointing to and (same IP’s used by the group behind the and attacks)
  • More than 200 different domains are being used
  • We have identified more than 500 variations of the injected URL to random domains names in the TLD:

If you’re not sure if you’re infected, do a free website malware scan using SiteCheck

Leave a reply


TUESDAY, JULY 16, 2019

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments

Social Networks