According to security researchers, over 2,000 WordPress sites have been hacked to fuel a campaign that redirects visitors to scam sites containing unwanted browser notification subscriptions, fake surveys, giveaways, and fake Adobe Flash downloads. Security firm Sucuri detected this hacking campaign last week. Some of the vulnerable plugins seen being exploited are the “CP Contact Form with PayPal” and the “Simple Fields” plugins.
>2000 WordPress sites were found to have malware redirecting visitors to malicious sites either hosting scams or downloading more malware.https://t.co/WtC22rV9sq#wordpress #malware
— Cyber Vigilance UK (@Cyber_Vigilance) January 23, 2020
Experts Comments
Linkedin Message
@James McQuiggan, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"Organizations that face these types of attacks should have a well documented backup...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/comments-on-thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign
Facebook Message
@James McQuiggan, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"Organizations that face these types of attacks should have a well documented backup...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/comments-on-thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign
Linkedin Message
@Mike Bittner, Associate Director of Digital Security and Operations, provides expert commentary at @Information Security Buzz.
"While this arrangement may have worked in the past, the passage of the CCPA has shaken up the industry...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/comments-on-thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign
Facebook Message
@Mike Bittner, Associate Director of Digital Security and Operations, provides expert commentary at @Information Security Buzz.
"While this arrangement may have worked in the past, the passage of the CCPA has shaken up the industry...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/comments-on-thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"WordPress plugins are another example of third-party risks to websites, and have been a frequent target in the past. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/comments-on-thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign
Facebook Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"WordPress plugins are another example of third-party risks to websites, and have been a frequent target in the past. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/comments-on-thousands-of-wordpress-sites-hacked-to-fuel-scam-campaign