WordPress Websites Compromised; Injected With JavaScript Code

Attackers utilize the technique in order to imitate the practices of lawful organizations and use a legit advertisement platform for the promotion of their technical support services, which additionally paints them as reliable according to the potential victim.

The as of late observed attacks take after the classic formula to persuade users to call for technical support: a divert to a page demonstrating a notice about viruses running uncontrolled on the PC, and an advantageous toll-free support phone number.

Segura while talking with the Bleeping Computer says that, “We are  pushing ads for some geolocations and user agents, we’ve also seen campaigns designed to redirect to websites that inject the CoinHive JavaScript miner, allowing the attacker to spend the resources of users’ computers to mint Monero cryptocurrency for as long as the compromised page is opened.”

A few sites apart from Malwarebytes have also likewise recognized the compromised ‘wp_posts’ table of the WordPress database, which stores all the content posts, pages, and their corrections, alongside navigation menu item, media records, and substance utilized by plugins.

Leave a Reply