"Long-Running Balada Injector Malware Campaign Infects Over 1 Million WordPress Sites"
Over one million WordPress websites have been infected by the Balada Injector malware campaign since 2017, which exploits known and recently discovered theme and plugin vulnerabilities. The malware allows for the generation of fake WordPress admin users, harvests data stored in the underlying hosts, and leaves backdoors for persistent access. The attacks are engineered to read or download arbitrary site files and search for tools like adminer and phpmyadmin. WordPress users are recommended to keep their website software up-to-date, remove unused plugins and themes, and use strong WordPress admin passwords.