WordPress sites hijacked, VisitorTracker campaign in process

(pc- google images)
Thousands of websites running the WordPress Management system have been hijacked by hackers to infect unsuspecting visitors with malware exploits.
The purpose of hijacking these websites is to use them as relays to redirect any visitor to a server which hosts an attacking code that is provided by the nuclear exploit kit. The server tries a variety of different exploits depending on the operating system and available apps used by the visitor.

According to Daniel Cid, CTO of security firm Sucuri, the firm detected thousands of compromised sites, 95 percent of which are running on WordPress. Company researchers suspect it involves vulnerabilities in WordPress  plugins. 17% of the websites infected by the campaign have already been blacklisted.

Cid said, “If you think about it, the compromised websites are just means for the criminals to get access to as many endpoint desktops as they can. What’s the easiest way to reach out to endpoints? Websites, of  course.”

(pc- google images)
The report by Sucuri highlights all the details of the VisitorTracker campaign as it has been named by the website due to a function in the javascript file called visitorTracker_is Mob(). Administrators can use this Sucuri scanning tool to check if their site is affected by this ongoing campaign.

Leave a Reply